pkg:maven/io.jenkins.plugins/miniorange-saml-sp
Type
maven
Namespace
io.jenkins.plugins
Name
miniorange-saml-sp
Known advisories, vulnerabilities and fixes for io.jenkins.plugins/miniorange-saml-sp package.
High
2
Moderate
5
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 2.1.0 |
CVE-2023-32992
|
MAVEN:GHSA-3XF9-PGC2-MR9C | Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | high |
2023-05-16T18:30:16
(16 months ago) |
|
Fixed | = 2.1.0 |
CVE-2023-32992
|
MAVEN:GHSA-3XF9-PGC2-MR9C | Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | high |
2023-05-16T18:30:16
(16 months ago) |
|
Affected | < 2.1.0 |
CVE-2023-32993
|
MAVEN:GHSA-6V6H-RW43-97FH | Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Fixed | = 2.1.0 |
CVE-2023-32993
|
MAVEN:GHSA-6V6H-RW43-97FH | Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Affected | < 2.2.0 |
CVE-2023-32994
|
MAVEN:GHSA-9M92-QWPC-QM78 | Jenkins SAML Single Sign On(SSO) Plugin unconditionally disables SSL/TLS certificate validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Fixed | = 2.2.0 |
CVE-2023-32994
|
MAVEN:GHSA-9M92-QWPC-QM78 | Jenkins SAML Single Sign On(SSO) Plugin unconditionally disables SSL/TLS certificate validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Affected | < 2.0.1 |
CVE-2023-32995
|
MAVEN:GHSA-GHPM-MGF5-CV8Q | Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Fixed | = 2.0.1 |
CVE-2023-32995
|
MAVEN:GHSA-GHPM-MGF5-CV8Q | Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Affected | < 2.3.1 |
CVE-2023-37945
|
MAVEN:GHSA-P4WR-9WFM-F9JW | Jenkins SAML Single Sign On(SSO) Plugin missing permission check | moderate |
2023-07-12T18:30:38
(14 months ago) |
|
Fixed | = 2.3.1 |
CVE-2023-37945
|
MAVEN:GHSA-P4WR-9WFM-F9JW | Jenkins SAML Single Sign On(SSO) Plugin missing permission check | moderate |
2023-07-12T18:30:38
(14 months ago) |
|
Affected | < 2.0.1 |
CVE-2023-32996
|
MAVEN:GHSA-W88F-J9RC-H7V3 | Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Fixed | = 2.0.1 |
CVE-2023-32996
|
MAVEN:GHSA-W88F-J9RC-H7V3 | Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
Affected | < 2.1.0 |
CVE-2023-32991
|
MAVEN:GHSA-XW6J-MQ6V-PMV6 | Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | high |
2023-05-16T18:30:16
(16 months ago) |
|
Fixed | = 2.1.0 |
CVE-2023-32991
|
MAVEN:GHSA-XW6J-MQ6V-PMV6 | Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | high |
2023-05-16T18:30:16
(16 months ago) |