pkg:maven/org.jenkins-ci.plugins/artifactory
Type
maven
Namespace
org.jenkins-ci.plugins
Name
artifactory
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/artifactory package.
High
1
Moderate
4
Medium
2
Low
5
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 3.2.2 |
CVE-2019-10321
CVE-2019-10322 |
 JENKINS:SECURITY-1015-1
|
CSRF vulnerability and missing permission check in `artifactory` allow capturing credentials | medium |
2019-05-31T00:00:00
(5 years ago) |
|
| Affected | <= 3.2.2 |
CVE-2019-10323
|
JENKINS:SECURITY-1015-2
|
Users with Overall/Read access could enumerate credential IDs in `artifactory` | medium |
2019-05-31T00:00:00
(5 years ago) |
|
| Affected | <= 3.2.2 |
CVE-2019-10324
|
JENKINS:SECURITY-1347
|
CSRF vulnerability in `artifactory` | low |
2019-05-31T00:00:00
(5 years ago) |
|
| Affected | <= 3.6.0 |
CVE-2020-2165
|
JENKINS:SECURITY-1542-2
|
Passwords transmitted in plain text by `artifactory` | low |
2020-03-25T00:00:00
(4 years ago) |
|
| Fixed | = 3.6.1 |
CVE-2020-2165
|
JENKINS:SECURITY-1542-2
|
Passwords transmitted in plain text by `artifactory` | low |
2020-03-25T00:00:00
(4 years ago) |
|
| Affected | <= 2.16.1 |
CVE-2018-1000424
|
JENKINS:SECURITY-265
|
Artifactory Plugin stored old directly entered credentials unencrypted on disk | low |
2018-09-25T00:00:00
(6 years ago) |
|
| Fixed | = 2.16.2 |
CVE-2018-1000424
|
JENKINS:SECURITY-265
|
Artifactory Plugin stored old directly entered credentials unencrypted on disk | low |
2018-09-25T00:00:00
(6 years ago) |
|
| Affected | <= 3.2.2 |
CVE-2019-10323
|
 MAVEN:GHSA-3M8W-442M-3P2Q
|
Jenkins Artifactory Plugin missing permission check | moderate |
2022-05-24T22:00:02
(2 years ago) |
|
| Affected | < 3.6.0 |
CVE-2020-2164
|
MAVEN:GHSA-4Q47-PH87-FQ4F
|
Passwords stored in plain text by Jenkins Artifactory Plugin | low |
2022-05-24T17:12:40
(2 years ago) |
|
| Fixed | = 3.6.0 |
CVE-2020-2164
|
MAVEN:GHSA-4Q47-PH87-FQ4F
|
Passwords stored in plain text by Jenkins Artifactory Plugin | low |
2022-05-24T17:12:40
(2 years ago) |
|
| Affected | <= 3.2.2 |
CVE-2019-10321
|
MAVEN:GHSA-8Q6R-5HC6-HRR8
|
Jenkins Artifactory Plugin cross-site request forgery vulnerability | moderate |
2022-05-24T22:00:02
(2 years ago) |
|
| Affected | < 2.16.2 |
CVE-2018-1000424
|
MAVEN:GHSA-CVH8-9J4X-5V4J
|
Jenkins Artifactory Plugin stored old directly entered credentials unencrypted on disk | high |
2022-05-13T01:18:46
(2 years ago) |
|
| Fixed | = 2.16.2 |
CVE-2018-1000424
|
MAVEN:GHSA-CVH8-9J4X-5V4J
|
Jenkins Artifactory Plugin stored old directly entered credentials unencrypted on disk | high |
2022-05-13T01:18:46
(2 years ago) |
|
| Affected | <= 3.2.2 |
CVE-2019-10322
|
MAVEN:GHSA-GXM5-JRRF-5C4V
|
Jenkins Artifactory Plugin missing permission check | moderate |
2022-05-24T22:00:02
(2 years ago) |
|
| Affected | <= 3.2.2 |
CVE-2019-10324
|
MAVEN:GHSA-MQJ3-FC39-73FJ
|
Cross-site request forgery vulnerability in Jenkins Artifactory Plugin | moderate |
2022-05-24T22:00:03
(2 years ago) |
|
| Fixed | = 3.2.3 |
CVE-2019-10324
|
MAVEN:GHSA-MQJ3-FC39-73FJ
|
Cross-site request forgery vulnerability in Jenkins Artifactory Plugin | moderate |
2022-05-24T22:00:03
(2 years ago) |
|
| Affected | < 3.6.1 |
CVE-2020-2165
|
MAVEN:GHSA-XQF6-5GRH-6223
|
Passwords transmitted in plain text by Jenkins Artifactory Plugin | low |
2022-05-24T17:12:40
(2 years ago) |
|
| Fixed | = 3.6.1 |
CVE-2020-2165
|
MAVEN:GHSA-XQF6-5GRH-6223
|
Passwords transmitted in plain text by Jenkins Artifactory Plugin | low |
2022-05-24T17:12:40
(2 years ago) |