pkg:maven/org.jenkins-ci.plugins/crx-content-package-deployer

Type maven

Namespace org.jenkins-ci.plugins

Name crx-content-package-deployer

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/crx-content-package-deployer package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/crx-content-package-deployer

High 4

Moderate 2

Medium 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 1.8.1		CVE-2019-10437 CVE-2019-10438	JENKINS:SECURITY-1006-1	CSRF vulnerability and missing permission check in `crx-content-package-deployer` allowed capturing credentials	high	2019-10-16T00:00:00 (4 years ago)
Fixed	= 1.9		CVE-2019-10437 CVE-2019-10438	JENKINS:SECURITY-1006-1	CSRF vulnerability and missing permission check in `crx-content-package-deployer` allowed capturing credentials	high	2019-10-16T00:00:00 (4 years ago)
Affected	<= 1.8.1		CVE-2019-10439	JENKINS:SECURITY-1006-2	Users with Overall/Read access could enumerate credential IDs in `crx-content-package-deployer`	medium	2019-10-16T00:00:00 (4 years ago)
Fixed	= 1.9		CVE-2019-10439	JENKINS:SECURITY-1006-2	Users with Overall/Read access could enumerate credential IDs in `crx-content-package-deployer`	medium	2019-10-16T00:00:00 (4 years ago)
Affected	<= 1.9		CVE-2022-34183 CVE-2022-34184 CVE-2022-34185 CVE-2022-34186 CVE-2022-34187 CVE-2022-34188 CVE-2022-34189 CVE-2022-34190 CVE-2022-34191 CVE-2022-34192 CVE-2022-34193 CVE-2022-34194 CVE-2022-34195 CVE-2022-34196 CVE-2022-34197 CVE-2022-34198	JENKINS:SECURITY-2784	Stored XSS vulnerabilities in multiple plugins providing additional parameter types	high	2022-06-22T00:00:00 (2 years ago)
Affected	< 1.9		CVE-2019-10439	MAVEN:GHSA-4CMQ-88F8-53R5	Jenkins CRX Content Package Deployer Plugin subject to credentials enumeration via Missing Authorization	moderate	2022-05-24T16:58:49 (2 years ago)
Fixed	= 1.9		CVE-2019-10439	MAVEN:GHSA-4CMQ-88F8-53R5	Jenkins CRX Content Package Deployer Plugin subject to credentials enumeration via Missing Authorization	moderate	2022-05-24T16:58:49 (2 years ago)
Affected	< 1.9		CVE-2019-10437	MAVEN:GHSA-62FP-J75Q-MQHC	Jenkins CRX Content Package Deployer Plugin subject to Cross-Site Request Forgery	high	2022-05-24T16:58:48 (2 years ago)
Fixed	= 1.9		CVE-2019-10437	MAVEN:GHSA-62FP-J75Q-MQHC	Jenkins CRX Content Package Deployer Plugin subject to Cross-Site Request Forgery	high	2022-05-24T16:58:48 (2 years ago)
Affected	<= 1.9		CVE-2022-34184	MAVEN:GHSA-HC44-P2QQ-CFM9	Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin	high	2022-06-24T00:00:31 (2 years ago)
Affected	< 1.9		CVE-2019-10438	MAVEN:GHSA-JWW4-2793-9GMG	Jenkins CRX Content Package Deployer Plugin subject to Missing Authorization	moderate	2022-05-24T16:58:48 (2 years ago)
Fixed	= 1.9		CVE-2019-10438	MAVEN:GHSA-JWW4-2793-9GMG	Jenkins CRX Content Package Deployer Plugin subject to Missing Authorization	moderate	2022-05-24T16:58:48 (2 years ago)