pkg:maven/org.jenkins-ci.plugins/cons3rt
Type
maven
Namespace
org.jenkins-ci.plugins
Name
cons3rt
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/cons3rt package.
Moderate
3
Medium
2
Low
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 1.0.0 |
CVE-2022-41253
CVE-2022-41254 |
 JENKINS:SECURITY-2751
|
CSRF vulnerability and missing permission checks in `cons3rt` allow capturing credentials | medium |
2022-09-21T00:00:00
(2 years ago) |
|
| Affected | <= 1.0.0 |
CVE-2022-41252
|
JENKINS:SECURITY-2752
|
Missing permission checks in `cons3rt` allow enumerating credentials IDs | medium |
2022-09-21T00:00:00
(2 years ago) |
|
| Affected | <= 1.0.0 |
CVE-2022-41255
|
JENKINS:SECURITY-2759
|
API token stored in plain text by `cons3rt` | low |
2022-09-21T00:00:00
(2 years ago) |
|
| Affected | <= 1.0.0 |
CVE-2022-41253
|
 MAVEN:GHSA-48Q3-5297-WMMX
|
CSRF vulnerability in Jenkins CONS3RT Plugin allow capturing credentials | moderate |
2022-09-22T00:00:26
(2 years ago) |
|
| Affected | <= 1.0.0 |
CVE-2022-41254
|
MAVEN:GHSA-74X9-FHC2-P79F
|
Missing permission checks in Jenkins CONS3RT Plugin allow capturing credentials | moderate |
2022-09-22T00:00:26
(2 years ago) |
|
| Affected | <= 1.0.0 |
CVE-2022-41255
|
MAVEN:GHSA-FMQ9-R4P2-8272
|
API token stored in plain text by Jenkins CONS3RT Plugin | low |
2022-09-22T00:00:26
(2 years ago) |
|
| Affected | <= 1.0.0 |
CVE-2022-41252
|
MAVEN:GHSA-P37P-WG92-2FC4
|
Missing permission checks in Jenkins CONS3RT Plugin allow enumerating credentials IDs | moderate |
2022-09-22T00:00:26
(2 years ago) |