pkg:maven/org.jenkins-ci.plugins.m2release/m2release
Type
maven
Namespace
org.jenkins-ci.plugins.m2release
Name
m2release
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins.m2release/m2release package.
High
2
Moderate
2
Low
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 0.15.0 |
CVE-2019-10360
|
 MAVEN:GHSA-79RM-F26G-296P
|
Jenkins Maven Release Plugin vulnerable to Cross-site Scripting | moderate |
2022-05-24T16:51:51
(2 years ago) |
|
| Fixed | = 0.15.0 |
CVE-2019-10360
|
MAVEN:GHSA-79RM-F26G-296P
|
Jenkins Maven Release Plugin vulnerable to Cross-site Scripting | moderate |
2022-05-24T16:51:51
(2 years ago) |
|
| Affected | <= 0.16.1 |
CVE-2019-16549
|
MAVEN:GHSA-7MF5-79GV-66GH
|
Jenkins Maven Release Plug-in Plugin XXE vulnerability | high |
2022-05-24T17:03:46
(2 years ago) |
|
| Fixed | = 0.16.2 |
CVE-2019-16549
|
MAVEN:GHSA-7MF5-79GV-66GH
|
Jenkins Maven Release Plug-in Plugin XXE vulnerability | high |
2022-05-24T17:03:46
(2 years ago) |
|
| Affected | <= 0.16.1 |
CVE-2019-16550
|
MAVEN:GHSA-G2X8-XW86-VPQ3
|
Cross-site request forgery (CSRF) vulnerability in Jenkins Maven Release Plugin | high |
2022-05-24T17:03:46
(2 years ago) |
|
| Fixed | = 0.16.2 |
CVE-2019-16550
|
MAVEN:GHSA-G2X8-XW86-VPQ3
|
Cross-site request forgery (CSRF) vulnerability in Jenkins Maven Release Plugin | high |
2022-05-24T17:03:46
(2 years ago) |
|
| Affected | < 0.15.0 |
CVE-2019-10359
|
MAVEN:GHSA-R4RV-CQ77-6P24
|
Jenkins Maven Release Plugin contains Cross-Site Request Forgery vulnerability | moderate |
2022-05-24T16:51:50
(2 years ago) |
|
| Fixed | = 0.15.0 |
CVE-2019-10359
|
MAVEN:GHSA-R4RV-CQ77-6P24
|
Jenkins Maven Release Plugin contains Cross-Site Request Forgery vulnerability | moderate |
2022-05-24T16:51:50
(2 years ago) |
|
| Affected | <= 0.14.0 |
CVE-2019-10361
|
MAVEN:GHSA-VWX8-QPQH-QWM9
|
Jenkins Maven Release Plug-in Plugin stored credentials in plain text | low |
2022-05-24T16:51:51
(2 years ago) |
|
| Fixed | = 0.15.0 |
CVE-2019-10361
|
MAVEN:GHSA-VWX8-QPQH-QWM9
|
Jenkins Maven Release Plug-in Plugin stored credentials in plain text | low |
2022-05-24T16:51:51
(2 years ago) |