pkg:maven/org.jenkins-ci.plugins/delphix
Type
maven
Namespace
org.jenkins-ci.plugins
Name
delphix
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/delphix package.
High
1
Moderate
4
Medium
4
Low
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 2.0.4 |
CVE-2019-10453
|
 JENKINS:SECURITY-1450
|
`delphix` stores credentials in plain text | low |
2019-10-16T00:00:00
(4 years ago) |
|
| Affected | <= 3.0.2 |
CVE-2023-40344
|
JENKINS:SECURITY-3214-1
|
Missing permission check in `delphix` allows enumerating credentials IDs | medium |
2023-08-16T00:00:00
(13 months ago) |
|
| Fixed | = 3.0.3 |
CVE-2023-40344
|
JENKINS:SECURITY-3214-1
|
Missing permission check in `delphix` allows enumerating credentials IDs | medium |
2023-08-16T00:00:00
(13 months ago) |
|
| Affected | <= 3.0.2 |
CVE-2023-40345
|
JENKINS:SECURITY-3214-2
|
Exposure of system-scoped credentials in `delphix` | medium |
2023-08-16T00:00:00
(13 months ago) |
|
| Fixed | = 3.0.3 |
CVE-2023-40345
|
JENKINS:SECURITY-3214-2
|
Exposure of system-scoped credentials in `delphix` | medium |
2023-08-16T00:00:00
(13 months ago) |
|
| Affected | <= 3.0.1 |
CVE-2024-28161
|
JENKINS:SECURITY-3215
|
SSL/TLS certificate validation disabled by default in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
| Fixed | = 3.0.2 |
CVE-2024-28161
|
JENKINS:SECURITY-3215
|
SSL/TLS certificate validation disabled by default in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
| Affected | <= 3.1.0 |
CVE-2024-28162
|
JENKINS:SECURITY-3330
|
Improper SSL/TLS certificate validation in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
| Fixed | = 3.1.1 |
CVE-2024-28162
|
JENKINS:SECURITY-3330
|
Improper SSL/TLS certificate validation in `delphix` | medium |
2024-03-06T00:00:00
(6 months ago) |
|
| Affected | < 3.0.3 |
CVE-2023-40344
|
 MAVEN:GHSA-3FQW-J7X8-G75J
|
Jenkins Delphix Plugin missing permission check | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
| Fixed | = 3.0.3 |
CVE-2023-40344
|
MAVEN:GHSA-3FQW-J7X8-G75J
|
Jenkins Delphix Plugin missing permission check | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
| Affected | <= 2.0.4 |
CVE-2019-10453
|
MAVEN:GHSA-4P59-P85X-F3WX
|
Jenkins Delphix Plugin vulnerable to Cleartext credential storage | high |
2022-05-24T16:58:50
(2 years ago) |
|
| Affected | >= 3.0.1, < 3.1.1 |
CVE-2024-28162
|
MAVEN:GHSA-PFH3-J79R-VQRJ
|
Jenkins Delphix Plugin has improper SSL/TLS certificate validation | moderate |
2024-03-06T18:30:39
(6 months ago) |
|
| Fixed | = 3.1.1 |
CVE-2024-28162
|
MAVEN:GHSA-PFH3-J79R-VQRJ
|
Jenkins Delphix Plugin has improper SSL/TLS certificate validation | moderate |
2024-03-06T18:30:39
(6 months ago) |
|
| Affected | < 3.0.3 |
CVE-2023-40345
|
MAVEN:GHSA-WWWW-XVM2-62W7
|
Jenkins Delphix Plugin vulnerable to exposure of system-scoped credentials | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
| Fixed | = 3.0.3 |
CVE-2023-40345
|
MAVEN:GHSA-WWWW-XVM2-62W7
|
Jenkins Delphix Plugin vulnerable to exposure of system-scoped credentials | moderate |
2023-08-16T15:30:18
(13 months ago) |
|
| Affected | = 3.0.1 |
CVE-2024-28161
|
MAVEN:GHSA-XJ36-6XC6-8P9X
|
Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default | moderate |
2024-03-06T18:30:39
(6 months ago) |
|
| Fixed | = 3.0.2 |
CVE-2024-28161
|
MAVEN:GHSA-XJ36-6XC6-8P9X
|
Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default | moderate |
2024-03-06T18:30:39
(6 months ago) |