pkg:maven/org.jenkins-ci.plugins/delphix
Type
maven
Namespace
org.jenkins-ci.plugins
Name
delphix
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/delphix package.
High
1
Moderate
4
Medium
4
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 2.0.4 |
CVE-2019-10453
|
JENKINS:SECURITY-1450 | `delphix` stores credentials in plain text | low |
2019-10-16T00:00:00
(4 years ago) |
|
Affected | <= 3.0.2 |
CVE-2023-40344
|
JENKINS:SECURITY-3214-1 | Missing permission check in `delphix` allows enumerating credentials IDs | medium |
2023-08-16T00:00:00
(13 months ago) |
|
Fixed | = 3.0.3 |
CVE-2023-40344
|
JENKINS:SECURITY-3214-1 | Missing permission check in `delphix` allows enumerating credentials IDs | medium |
2023-08-16T00:00:00
(13 months ago) |
|
Affected | <= 3.0.2 |
CVE-2023-40345
|
JENKINS:SECURITY-3214-2 | Exposure of system-scoped credentials in `delphix` | medium |
2023-08-16T00:00:00
(13 months ago) |
|
Fixed | = 3.0.3 |
CVE-2023-40345
|
JENKINS:SECURITY-3214-2 | Exposure of system-scoped credentials in `delphix` | medium |
2023-08-16T00:00:00
(13 months ago) |
|
Affected | <= 3.0.1 |
CVE-2024-28161
|
JENKINS:SECURITY-3215 | SSL/TLS certificate validation disabled by default in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
Fixed | = 3.0.2 |
CVE-2024-28161
|
JENKINS:SECURITY-3215 | SSL/TLS certificate validation disabled by default in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
Affected | <= 3.1.0 |
CVE-2024-28162
|
JENKINS:SECURITY-3330 | Improper SSL/TLS certificate validation in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
Fixed | = 3.1.1 |
CVE-2024-28162
|
JENKINS:SECURITY-3330 | Improper SSL/TLS certificate validation in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
Affected | < 3.0.3 |
CVE-2023-40344
|
MAVEN:GHSA-3FQW-J7X8-G75J | Jenkins Delphix Plugin missing permission check | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
Fixed | = 3.0.3 |
CVE-2023-40344
|
MAVEN:GHSA-3FQW-J7X8-G75J | Jenkins Delphix Plugin missing permission check | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
Affected | <= 2.0.4 |
CVE-2019-10453
|
MAVEN:GHSA-4P59-P85X-F3WX | Jenkins Delphix Plugin vulnerable to Cleartext credential storage | high |
2022-05-24T16:58:50
(2 years ago) |
|
Affected | >= 3.0.1, < 3.1.1 |
CVE-2024-28162
|
MAVEN:GHSA-PFH3-J79R-VQRJ | Jenkins Delphix Plugin has improper SSL/TLS certificate validation | moderate |
2024-03-06T18:30:39
(6 months ago) |
|
Fixed | = 3.1.1 |
CVE-2024-28162
|
MAVEN:GHSA-PFH3-J79R-VQRJ | Jenkins Delphix Plugin has improper SSL/TLS certificate validation | moderate |
2024-03-06T18:30:39
(6 months ago) |
|
Affected | < 3.0.3 |
CVE-2023-40345
|
MAVEN:GHSA-WWWW-XVM2-62W7 | Jenkins Delphix Plugin vulnerable to exposure of system-scoped credentials | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
Fixed | = 3.0.3 |
CVE-2023-40345
|
MAVEN:GHSA-WWWW-XVM2-62W7 | Jenkins Delphix Plugin vulnerable to exposure of system-scoped credentials | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
Affected | = 3.0.1 |
CVE-2024-28161
|
MAVEN:GHSA-XJ36-6XC6-8P9X | Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default | moderate |
2024-03-06T18:30:39
(6 months ago) |
|
Fixed | = 3.0.2 |
CVE-2024-28161
|
MAVEN:GHSA-XJ36-6XC6-8P9X | Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default | moderate |
2024-03-06T18:30:39
(6 months ago) |