pkg:maven/org.jenkins-ci.plugins/blueocean
Type
maven
Namespace
org.jenkins-ci.plugins
Name
blueocean
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/blueocean package.
Medium
6
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.10.1 |
CVE-2019-1003012
|
JENKINS:SECURITY-1201 | Blue Ocean did not require CSRF tokens | medium |
2019-01-28T00:00:00
(5 years ago) |
|
Fixed | = 1.10.2 |
CVE-2019-1003012
|
JENKINS:SECURITY-1201 | Blue Ocean did not require CSRF tokens | medium |
2019-01-28T00:00:00
(5 years ago) |
|
Affected | <= 1.10.1 |
CVE-2019-1003013
|
JENKINS:SECURITY-1204 | XSS vulnerability via user description in Blue Ocean | medium |
2019-01-28T00:00:00
(5 years ago) |
|
Fixed | = 1.10.2 |
CVE-2019-1003013
|
JENKINS:SECURITY-1204 | XSS vulnerability via user description in Blue Ocean | medium |
2019-01-28T00:00:00
(5 years ago) |
|
Affected | <= 1.23.2 |
CVE-2020-2254
|
JENKINS:SECURITY-1956 | Path traversal vulnerability in `blueocean` | medium |
2020-09-16T00:00:00
(4 years ago) |
|
Fixed | = 1.23.3 |
CVE-2020-2254
|
JENKINS:SECURITY-1956 | Path traversal vulnerability in `blueocean` | medium |
2020-09-16T00:00:00
(4 years ago) |
|
Affected | <= 1.23.2 |
CVE-2020-2255
|
JENKINS:SECURITY-1961 | Missing permission check in `blueocean` | medium |
2020-09-16T00:00:00
(4 years ago) |
|
Fixed | = 1.23.3 |
CVE-2020-2255
|
JENKINS:SECURITY-1961 | Missing permission check in `blueocean` | medium |
2020-09-16T00:00:00
(4 years ago) |
|
Affected | <= 1.25.3 |
CVE-2022-30953
CVE-2022-30954 |
JENKINS:SECURITY-2502 | CSRF vulnerability and missing permission checks in `blueocean` | medium |
2022-05-17T00:00:00
(2 years ago) |
|
Fixed | = 1.25.4 |
CVE-2022-30953
CVE-2022-30954 |
JENKINS:SECURITY-2502 | CSRF vulnerability and missing permission checks in `blueocean` | medium |
2022-05-17T00:00:00
(2 years ago) |
|
Affected | <= 1.27.5 |
CVE-2023-40341
|
JENKINS:SECURITY-3116 | CSRF vulnerability in `blueocean` allows capturing credentials | medium |
2023-08-16T00:00:00
(13 months ago) |
|
Fixed | = 1.27.5.1 |
CVE-2023-40341
|
JENKINS:SECURITY-3116 | CSRF vulnerability in `blueocean` allows capturing credentials | medium |
2023-08-16T00:00:00
(13 months ago) |