pkg:maven/org.jenkins-ci.plugins/cons3rt
Type
maven
Namespace
org.jenkins-ci.plugins
Name
cons3rt
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/cons3rt package.
Moderate
3
Medium
2
Low
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.0.0 |
CVE-2022-41253
CVE-2022-41254 |
JENKINS:SECURITY-2751 | CSRF vulnerability and missing permission checks in `cons3rt` allow capturing credentials | medium |
2022-09-21T00:00:00
(2 years ago) |
|
Affected | <= 1.0.0 |
CVE-2022-41252
|
JENKINS:SECURITY-2752 | Missing permission checks in `cons3rt` allow enumerating credentials IDs | medium |
2022-09-21T00:00:00
(2 years ago) |
|
Affected | <= 1.0.0 |
CVE-2022-41255
|
JENKINS:SECURITY-2759 | API token stored in plain text by `cons3rt` | low |
2022-09-21T00:00:00
(2 years ago) |
|
Affected | <= 1.0.0 |
CVE-2022-41253
|
MAVEN:GHSA-48Q3-5297-WMMX | CSRF vulnerability in Jenkins CONS3RT Plugin allow capturing credentials | moderate |
2022-09-22T00:00:26
(2 years ago) |
|
Affected | <= 1.0.0 |
CVE-2022-41254
|
MAVEN:GHSA-74X9-FHC2-P79F | Missing permission checks in Jenkins CONS3RT Plugin allow capturing credentials | moderate |
2022-09-22T00:00:26
(2 years ago) |
|
Affected | <= 1.0.0 |
CVE-2022-41255
|
MAVEN:GHSA-FMQ9-R4P2-8272 | API token stored in plain text by Jenkins CONS3RT Plugin | low |
2022-09-22T00:00:26
(2 years ago) |
|
Affected | <= 1.0.0 |
CVE-2022-41252
|
MAVEN:GHSA-P37P-WG92-2FC4 | Missing permission checks in Jenkins CONS3RT Plugin allow enumerating credentials IDs | moderate |
2022-09-22T00:00:26
(2 years ago) |