pkg:maven/org.jenkins-ci.plugins/ec2
Type
maven
Namespace
org.jenkins-ci.plugins
Name
ec2
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/ec2 package.
High
1
Moderate
5
Medium
4
Low
4
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.47 |
CVE-2020-2090
CVE-2020-2091 |
JENKINS:SECURITY-1004 | CSRF vulnerability and missing permission checks in `ec2` | low |
2020-01-15T00:00:00
(4 years ago) |
|
Fixed | = 1.48 |
CVE-2020-2090
CVE-2020-2091 |
JENKINS:SECURITY-1004 | CSRF vulnerability and missing permission checks in `ec2` | low |
2020-01-15T00:00:00
(4 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2186
|
JENKINS:SECURITY-1408 | CSRF vulnerability in `ec2` | low |
2020-05-06T00:00:00
(4 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2186
|
JENKINS:SECURITY-1408 | CSRF vulnerability in `ec2` | low |
2020-05-06T00:00:00
(4 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2187
|
JENKINS:SECURITY-1528 | Lack of SSL/TLS certificate and hostname validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2187
|
JENKINS:SECURITY-1528 | Lack of SSL/TLS certificate and hostname validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2188
|
JENKINS:SECURITY-1844 | Users with Overall/Read access can enumerate credentials IDs in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2188
|
JENKINS:SECURITY-1844 | Users with Overall/Read access can enumerate credentials IDs in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2185
|
JENKINS:SECURITY-381 | Missing SSH host key validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2185
|
JENKINS:SECURITY-381 | Missing SSH host key validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
Affected | <= 1.43 |
CVE-2019-10364
|
JENKINS:SECURITY-673 | `ec2` leaked beginning of private key in system log | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Fixed | = 1.44 |
CVE-2019-10364
|
JENKINS:SECURITY-673 | `ec2` leaked beginning of private key in system log | medium |
2019-07-31T00:00:00
(5 years ago) |
|
Affected | < 1.48 |
CVE-2020-2091
|
MAVEN:GHSA-6HMM-77R2-H6HR | Missing permission checks in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:06:22
(2 years ago) |
|
Fixed | = 1.48 |
CVE-2020-2091
|
MAVEN:GHSA-6HMM-77R2-H6HR | Missing permission checks in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:06:22
(2 years ago) |
|
Affected | < 1.48 |
CVE-2020-2090
|
MAVEN:GHSA-9HVF-PFQ3-7PP6 | CSRF vulnerability in Jenkins Amazon EC2 Plugin | low |
2022-05-24T17:06:22
(2 years ago) |
|
Fixed | = 1.48 |
CVE-2020-2090
|
MAVEN:GHSA-9HVF-PFQ3-7PP6 | CSRF vulnerability in Jenkins Amazon EC2 Plugin | low |
2022-05-24T17:06:22
(2 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2187
|
MAVEN:GHSA-C89C-PVM7-33WJ | Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:15
(2 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2187
|
MAVEN:GHSA-C89C-PVM7-33WJ | Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:15
(2 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2185
|
MAVEN:GHSA-Q8QQ-2P5P-RG44 | Missing SSH host key validation in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2185
|
MAVEN:GHSA-Q8QQ-2P5P-RG44 | Missing SSH host key validation in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2188
|
MAVEN:GHSA-RMP9-MC8W-MQF3 | Users with Overall/Read access can enumerate credentials IDs in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2188
|
MAVEN:GHSA-RMP9-MC8W-MQF3 | Users with Overall/Read access can enumerate credentials IDs in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
Affected | <= 1.50.1 |
CVE-2020-2186
|
MAVEN:GHSA-W6HW-57JQ-H7F5 | CSRF vulnerability in Amazon EC2 Plugin | low |
2022-05-24T17:17:14
(2 years ago) |
|
Fixed | = 1.50.2 |
CVE-2020-2186
|
MAVEN:GHSA-W6HW-57JQ-H7F5 | CSRF vulnerability in Amazon EC2 Plugin | low |
2022-05-24T17:17:14
(2 years ago) |
|
Affected | <= 1.43 |
CVE-2019-10364
|
MAVEN:GHSA-W7FV-7J46-WWRV | Jenkins Amazon EC2 Plugin leaked beginning of private key in system log | moderate |
2022-05-24T16:51:51
(2 years ago) |
|
Fixed | = 1.44 |
CVE-2019-10364
|
MAVEN:GHSA-W7FV-7J46-WWRV | Jenkins Amazon EC2 Plugin leaked beginning of private key in system log | moderate |
2022-05-24T16:51:51
(2 years ago) |
|
Affected | <= 1.37 |
CVE-2017-1000502
|
MAVEN:GHSA-WP79-CPV2-9G7M | Arbitrary shell command execution in Jenkins EC2 Plugin | high |
2022-05-14T03:45:21
(2 years ago) |
|
Fixed | = 1.38 |
CVE-2017-1000502
|
MAVEN:GHSA-WP79-CPV2-9G7M | Arbitrary shell command execution in Jenkins EC2 Plugin | high |
2022-05-14T03:45:21
(2 years ago) |