pkg:maven/org.jenkins-ci.plugins/crx-content-package-deployer
Type
maven
Namespace
org.jenkins-ci.plugins
Name
crx-content-package-deployer
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/crx-content-package-deployer package.
High
4
Moderate
2
Medium
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.8.1 |
CVE-2019-10437
CVE-2019-10438 |
JENKINS:SECURITY-1006-1 | CSRF vulnerability and missing permission check in `crx-content-package-deployer` allowed capturing credentials | high |
2019-10-16T00:00:00
(4 years ago) |
|
Fixed | = 1.9 |
CVE-2019-10437
CVE-2019-10438 |
JENKINS:SECURITY-1006-1 | CSRF vulnerability and missing permission check in `crx-content-package-deployer` allowed capturing credentials | high |
2019-10-16T00:00:00
(4 years ago) |
|
Affected | <= 1.8.1 |
CVE-2019-10439
|
JENKINS:SECURITY-1006-2 | Users with Overall/Read access could enumerate credential IDs in `crx-content-package-deployer` | medium |
2019-10-16T00:00:00
(4 years ago) |
|
Fixed | = 1.9 |
CVE-2019-10439
|
JENKINS:SECURITY-1006-2 | Users with Overall/Read access could enumerate credential IDs in `crx-content-package-deployer` | medium |
2019-10-16T00:00:00
(4 years ago) |
|
Affected | <= 1.9 |
CVE-2022-34183
CVE-2022-34184 CVE-2022-34185 CVE-2022-34186 CVE-2022-34187 CVE-2022-34188 CVE-2022-34189 CVE-2022-34190 CVE-2022-34191 CVE-2022-34192 CVE-2022-34193 CVE-2022-34194 CVE-2022-34195 CVE-2022-34196 CVE-2022-34197 CVE-2022-34198 |
JENKINS:SECURITY-2784 | Stored XSS vulnerabilities in multiple plugins providing additional parameter types | high |
2022-06-22T00:00:00
(2 years ago) |
|
Affected | < 1.9 |
CVE-2019-10439
|
MAVEN:GHSA-4CMQ-88F8-53R5 | Jenkins CRX Content Package Deployer Plugin subject to credentials enumeration via Missing Authorization | moderate |
2022-05-24T16:58:49
(2 years ago) |
|
Fixed | = 1.9 |
CVE-2019-10439
|
MAVEN:GHSA-4CMQ-88F8-53R5 | Jenkins CRX Content Package Deployer Plugin subject to credentials enumeration via Missing Authorization | moderate |
2022-05-24T16:58:49
(2 years ago) |
|
Affected | < 1.9 |
CVE-2019-10437
|
MAVEN:GHSA-62FP-J75Q-MQHC | Jenkins CRX Content Package Deployer Plugin subject to Cross-Site Request Forgery | high |
2022-05-24T16:58:48
(2 years ago) |
|
Fixed | = 1.9 |
CVE-2019-10437
|
MAVEN:GHSA-62FP-J75Q-MQHC | Jenkins CRX Content Package Deployer Plugin subject to Cross-Site Request Forgery | high |
2022-05-24T16:58:48
(2 years ago) |
|
Affected | <= 1.9 |
CVE-2022-34184
|
MAVEN:GHSA-HC44-P2QQ-CFM9 | Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin | high |
2022-06-24T00:00:31
(2 years ago) |
|
Affected | < 1.9 |
CVE-2019-10438
|
MAVEN:GHSA-JWW4-2793-9GMG | Jenkins CRX Content Package Deployer Plugin subject to Missing Authorization | moderate |
2022-05-24T16:58:48
(2 years ago) |
|
Fixed | = 1.9 |
CVE-2019-10438
|
MAVEN:GHSA-JWW4-2793-9GMG | Jenkins CRX Content Package Deployer Plugin subject to Missing Authorization | moderate |
2022-05-24T16:58:48
(2 years ago) |