pkg:maven/io.jenkins.plugins/miniorange-saml-sp
Type
maven
Namespace
io.jenkins.plugins
Name
miniorange-saml-sp
Known advisories, vulnerabilities and fixes for io.jenkins.plugins/miniorange-saml-sp package.
High
2
Moderate
5
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 2.1.0 |
CVE-2023-32992
|
 MAVEN:GHSA-3XF9-PGC2-MR9C
|
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | high |
2023-05-16T18:30:16
(16 months ago) |
|
| Fixed | = 2.1.0 |
CVE-2023-32992
|
MAVEN:GHSA-3XF9-PGC2-MR9C
|
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | high |
2023-05-16T18:30:16
(16 months ago) |
|
| Affected | < 2.1.0 |
CVE-2023-32993
|
MAVEN:GHSA-6V6H-RW43-97FH
|
Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Fixed | = 2.1.0 |
CVE-2023-32993
|
MAVEN:GHSA-6V6H-RW43-97FH
|
Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Affected | < 2.2.0 |
CVE-2023-32994
|
MAVEN:GHSA-9M92-QWPC-QM78
|
Jenkins SAML Single Sign On(SSO) Plugin unconditionally disables SSL/TLS certificate validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Fixed | = 2.2.0 |
CVE-2023-32994
|
MAVEN:GHSA-9M92-QWPC-QM78
|
Jenkins SAML Single Sign On(SSO) Plugin unconditionally disables SSL/TLS certificate validation | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Affected | < 2.0.1 |
CVE-2023-32995
|
MAVEN:GHSA-GHPM-MGF5-CV8Q
|
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Fixed | = 2.0.1 |
CVE-2023-32995
|
MAVEN:GHSA-GHPM-MGF5-CV8Q
|
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Affected | < 2.3.1 |
CVE-2023-37945
|
MAVEN:GHSA-P4WR-9WFM-F9JW
|
Jenkins SAML Single Sign On(SSO) Plugin missing permission check | moderate |
2023-07-12T18:30:38
(14 months ago) |
|
| Fixed | = 2.3.1 |
CVE-2023-37945
|
MAVEN:GHSA-P4WR-9WFM-F9JW
|
Jenkins SAML Single Sign On(SSO) Plugin missing permission check | moderate |
2023-07-12T18:30:38
(14 months ago) |
|
| Affected | < 2.0.1 |
CVE-2023-32996
|
MAVEN:GHSA-W88F-J9RC-H7V3
|
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Fixed | = 2.0.1 |
CVE-2023-32996
|
MAVEN:GHSA-W88F-J9RC-H7V3
|
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks | moderate |
2023-05-16T18:30:16
(16 months ago) |
|
| Affected | < 2.1.0 |
CVE-2023-32991
|
MAVEN:GHSA-XW6J-MQ6V-PMV6
|
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | high |
2023-05-16T18:30:16
(16 months ago) |
|
| Fixed | = 2.1.0 |
CVE-2023-32991
|
MAVEN:GHSA-XW6J-MQ6V-PMV6
|
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability | high |
2023-05-16T18:30:16
(16 months ago) |