pkg:maven/org.jenkins-ci.plugins/credentials
Type
maven
Namespace
org.jenkins-ci.plugins
Name
credentials
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/credentials package.
High
2
Moderate
5
Medium
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 2.1.18 |
CVE-2019-10320
|
JENKINS:SECURITY-1322 | Certificate file read vulnerability in `credentials` | medium |
2019-05-21T00:00:00
(5 years ago) |
|
Fixed | = 2.1.19 |
CVE-2019-10320
|
JENKINS:SECURITY-1322 | Certificate file read vulnerability in `credentials` | medium |
2019-05-21T00:00:00
(5 years ago) |
|
Affected | <= 2.3.18 |
CVE-2021-21648
|
JENKINS:SECURITY-2349 | Reflected XSS vulnerability in `credentials` | high |
2021-05-11T00:00:00
(3 years ago) |
|
Fixed | = 2.3.19 |
CVE-2021-21648
|
JENKINS:SECURITY-2349 | Reflected XSS vulnerability in `credentials` | high |
2021-05-11T00:00:00
(3 years ago) |
|
Affected | <= 1111.v35a_307992395 |
CVE-2022-29036
CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 |
JENKINS:SECURITY-2617 | Stored XSS vulnerabilities in multiple plugins providing additional parameter types | high |
2022-04-12T00:00:00
(2 years ago) |
|
Fixed | = 1112.vc87b_7a_3597f6, 1087.1089.v2f1b_9a_b_040e4, 1074.1076.v39c30cecb_0e2, or 2.6.1.1 |
CVE-2022-29036
CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 |
JENKINS:SECURITY-2617 | Stored XSS vulnerabilities in multiple plugins providing additional parameter types | high |
2022-04-12T00:00:00
(2 years ago) |
|
Affected | < 2.1.17 |
CVE-2018-1000601
|
MAVEN:GHSA-CWCF-5M5W-MQ2W | Exposure of Sensitive Information to an Unauthorized Actor in Jenkins SSH Credentials Plugin | moderate |
2022-05-14T03:07:03
(2 years ago) |
|
Fixed | = 2.1.17 |
CVE-2018-1000601
|
MAVEN:GHSA-CWCF-5M5W-MQ2W | Exposure of Sensitive Information to an Unauthorized Actor in Jenkins SSH Credentials Plugin | moderate |
2022-05-14T03:07:03
(2 years ago) |
|
Affected | < 2.3.0.1 >= 2.3.1, < 2.3.7.1 >= 2.3.8, < 2.3.13.1 = 2.3.14 = 2.3.15 >= 2.3.16, < 2.3.19 |
CVE-2021-21648
|
MAVEN:GHSA-GCHQ-9R68-6JWV | Cross-Site Request Forgery in Jenkins Credentials Plugin | moderate |
2021-06-16T17:24:31
(3 years ago) |
|
Fixed | = 2.3.0.1 = 2.3.7.1 = 2.3.13.1 = 2.3.14.1 = 2.3.15.1 = 2.3.19 |
CVE-2021-21648
|
MAVEN:GHSA-GCHQ-9R68-6JWV | Cross-Site Request Forgery in Jenkins Credentials Plugin | moderate |
2021-06-16T17:24:31
(3 years ago) |
|
Affected | < 1.24.1 >= 1.25, < 1.27.1 |
CVE-2022-20616
|
MAVEN:GHSA-GQM2-2GCX-P88W | Incorrect Permission Assignment for Critical Resource in Jenkins Credentials Binding Plugin | moderate |
2022-01-13T00:01:03
(2 years ago) |
|
Fixed | = 1.24.1 = 1.27.1 |
CVE-2022-20616
|
MAVEN:GHSA-GQM2-2GCX-P88W | Incorrect Permission Assignment for Critical Resource in Jenkins Credentials Binding Plugin | moderate |
2022-01-13T00:01:03
(2 years ago) |
|
Affected | >= 1105, <= 1111.v35a = 1087.v16065d268466 >= 2.6.2, <= 1074.v60e6c29b <= 2.6.1 |
CVE-2022-29036
|
MAVEN:GHSA-RVG5-F5FJ-MXVG | Cross-site Scripting in Jenkins Credentials Plugin | moderate |
2022-04-13T00:00:18
(2 years ago) |
|
Fixed | = 1087.1089.v2f1b_9a_b_040e4 = 1074.1076.v39c30cecb_0e2 = 2.6.1.1 |
CVE-2022-29036
|
MAVEN:GHSA-RVG5-F5FJ-MXVG | Cross-site Scripting in Jenkins Credentials Plugin | moderate |
2022-04-13T00:00:18
(2 years ago) |
|
Affected | <= 2.1.18 |
CVE-2019-10320
|
MAVEN:GHSA-XM94-9JW8-P6HW | Insertion of Sensitive Information into Externally-Accessible File or Directory in Jenkins Credentials Plugin | moderate |
2022-05-24T16:46:09
(2 years ago) |
|
Fixed | = 2.1.19 |
CVE-2019-10320
|
MAVEN:GHSA-XM94-9JW8-P6HW | Insertion of Sensitive Information into Externally-Accessible File or Directory in Jenkins Credentials Plugin | moderate |
2022-05-24T16:46:09
(2 years ago) |