pkg:maven/org.jenkins-ci.plugins/configuration-as-code
Type
maven
Namespace
org.jenkins-ci.plugins
Name
configuration-as-code
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/configuration-as-code package.
Medium
7
Low
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.24 |
CVE-2019-10343
|
JENKINS:SECURITY-1279 | `configuration-as-code` failed to mask secrets in system log messages | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Fixed | = 1.25 |
CVE-2019-10343
|
JENKINS:SECURITY-1279 | `configuration-as-code` failed to mask secrets in system log messages | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Affected | <= 1.24 |
CVE-2019-10344
|
JENKINS:SECURITY-1290 | `configuration-as-code` allowed users without Overall/Administer permission to access documentation | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Fixed | = 1.25 |
CVE-2019-10344
|
JENKINS:SECURITY-1290 | `configuration-as-code` allowed users without Overall/Administer permission to access documentation | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Affected | <= 1.24 |
CVE-2019-10345
|
JENKINS:SECURITY-1303 | `configuration-as-code` did not mask proxy credentials | low |
2019-07-31T00:00:00
(5 years ago) |
|
Fixed | = 1.25 |
CVE-2019-10345
|
JENKINS:SECURITY-1303 | `configuration-as-code` did not mask proxy credentials | low |
2019-07-31T00:00:00
(5 years ago) |
|
Affected | <= 1.24 |
CVE-2019-10362
|
JENKINS:SECURITY-1446 | `configuration-as-code` evaluated variable references when importing a previously exported configuration | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Fixed | = 1.25 |
CVE-2019-10362
|
JENKINS:SECURITY-1446 | `configuration-as-code` evaluated variable references when importing a previously exported configuration | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Affected | <= 1.24 |
CVE-2019-10363
|
JENKINS:SECURITY-1458 | `configuration-as-code` exported secret values in plain text | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Fixed | = 1.25 |
CVE-2019-10363
|
JENKINS:SECURITY-1458 | `configuration-as-code` exported secret values in plain text | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Affected | <= 1.26 |
CVE-2019-10367
|
JENKINS:SECURITY-1497 | `configuration-as-code` failed to mask secrets in system log messages | medium |
2019-08-07T00:00:00
(5 years ago) |
|
Fixed | = 1.27 |
CVE-2019-10367
|
JENKINS:SECURITY-1497 | `configuration-as-code` failed to mask secrets in system log messages | medium |
2019-08-07T00:00:00
(5 years ago) |
|
Affected | <= 1.55 |
CVE-2022-23106
|
JENKINS:SECURITY-2141 | Non-constant time token comparison in `configuration-as-code` | low |
2022-01-12T00:00:00
(2 years ago) |
|
Fixed | = 1.55.1 |
CVE-2022-23106
|
JENKINS:SECURITY-2141 | Non-constant time token comparison in `configuration-as-code` | low |
2022-01-12T00:00:00
(2 years ago) |
|
Affected | <= 0.7-alpha |
CVE-2018-1000609
|
JENKINS:SECURITY-927 | Configuration as Code Plugin allowed anyone with Overall/Read access to export Jenkins configuration | medium |
2018-06-25T00:00:00
(6 years ago) |
|
Fixed | = 0.8-alpha |
CVE-2018-1000609
|
JENKINS:SECURITY-927 | Configuration as Code Plugin allowed anyone with Overall/Read access to export Jenkins configuration | medium |
2018-06-25T00:00:00
(6 years ago) |
|
Affected | <= 0.7-alpha |
CVE-2018-1000610
|
JENKINS:SECURITY-929 | Configuration as Code Plugin logged passwords in clear text | medium |
2018-06-25T00:00:00
(6 years ago) |
|
Fixed | = 0.8-alpha |
CVE-2018-1000610
|
JENKINS:SECURITY-929 | Configuration as Code Plugin logged passwords in clear text | medium |
2018-06-25T00:00:00
(6 years ago) |