pkg:maven/org.jenkins-ci.plugins/ec2
Type
maven
Namespace
org.jenkins-ci.plugins
Name
ec2
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/ec2 package.
High
1
Moderate
5
Medium
4
Low
4
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 1.47 |
CVE-2020-2090
CVE-2020-2091 |
 JENKINS:SECURITY-1004
|
CSRF vulnerability and missing permission checks in `ec2` | low |
2020-01-15T00:00:00
(4 years ago) |
|
| Fixed | = 1.48 |
CVE-2020-2090
CVE-2020-2091 |
JENKINS:SECURITY-1004
|
CSRF vulnerability and missing permission checks in `ec2` | low |
2020-01-15T00:00:00
(4 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2186
|
JENKINS:SECURITY-1408
|
CSRF vulnerability in `ec2` | low |
2020-05-06T00:00:00
(4 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2186
|
JENKINS:SECURITY-1408
|
CSRF vulnerability in `ec2` | low |
2020-05-06T00:00:00
(4 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2187
|
JENKINS:SECURITY-1528
|
Lack of SSL/TLS certificate and hostname validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2187
|
JENKINS:SECURITY-1528
|
Lack of SSL/TLS certificate and hostname validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2188
|
JENKINS:SECURITY-1844
|
Users with Overall/Read access can enumerate credentials IDs in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2188
|
JENKINS:SECURITY-1844
|
Users with Overall/Read access can enumerate credentials IDs in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2185
|
JENKINS:SECURITY-381
|
Missing SSH host key validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2185
|
JENKINS:SECURITY-381
|
Missing SSH host key validation in `ec2` | medium |
2020-05-06T00:00:00
(4 years ago) |
|
| Affected | <= 1.43 |
CVE-2019-10364
|
JENKINS:SECURITY-673
|
`ec2` leaked beginning of private key in system log | medium |
2019-07-31T00:00:00
(5 years ago) |
|
| Fixed | = 1.44 |
CVE-2019-10364
|
JENKINS:SECURITY-673
|
`ec2` leaked beginning of private key in system log | medium |
2019-07-31T00:00:00
(5 years ago) |
|
| Affected | < 1.48 |
CVE-2020-2091
|
 MAVEN:GHSA-6HMM-77R2-H6HR
|
Missing permission checks in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:06:22
(2 years ago) |
|
| Fixed | = 1.48 |
CVE-2020-2091
|
MAVEN:GHSA-6HMM-77R2-H6HR
|
Missing permission checks in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:06:22
(2 years ago) |
|
| Affected | < 1.48 |
CVE-2020-2090
|
MAVEN:GHSA-9HVF-PFQ3-7PP6
|
CSRF vulnerability in Jenkins Amazon EC2 Plugin | low |
2022-05-24T17:06:22
(2 years ago) |
|
| Fixed | = 1.48 |
CVE-2020-2090
|
MAVEN:GHSA-9HVF-PFQ3-7PP6
|
CSRF vulnerability in Jenkins Amazon EC2 Plugin | low |
2022-05-24T17:06:22
(2 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2187
|
MAVEN:GHSA-C89C-PVM7-33WJ
|
Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:15
(2 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2187
|
MAVEN:GHSA-C89C-PVM7-33WJ
|
Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:15
(2 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2185
|
MAVEN:GHSA-Q8QQ-2P5P-RG44
|
Missing SSH host key validation in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2185
|
MAVEN:GHSA-Q8QQ-2P5P-RG44
|
Missing SSH host key validation in Jenkins Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2188
|
MAVEN:GHSA-RMP9-MC8W-MQF3
|
Users with Overall/Read access can enumerate credentials IDs in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2188
|
MAVEN:GHSA-RMP9-MC8W-MQF3
|
Users with Overall/Read access can enumerate credentials IDs in Amazon EC2 Plugin | moderate |
2022-05-24T17:17:14
(2 years ago) |
|
| Affected | <= 1.50.1 |
CVE-2020-2186
|
MAVEN:GHSA-W6HW-57JQ-H7F5
|
CSRF vulnerability in Amazon EC2 Plugin | low |
2022-05-24T17:17:14
(2 years ago) |
|
| Fixed | = 1.50.2 |
CVE-2020-2186
|
MAVEN:GHSA-W6HW-57JQ-H7F5
|
CSRF vulnerability in Amazon EC2 Plugin | low |
2022-05-24T17:17:14
(2 years ago) |
|
| Affected | <= 1.43 |
CVE-2019-10364
|
MAVEN:GHSA-W7FV-7J46-WWRV
|
Jenkins Amazon EC2 Plugin leaked beginning of private key in system log | moderate |
2022-05-24T16:51:51
(2 years ago) |
|
| Fixed | = 1.44 |
CVE-2019-10364
|
MAVEN:GHSA-W7FV-7J46-WWRV
|
Jenkins Amazon EC2 Plugin leaked beginning of private key in system log | moderate |
2022-05-24T16:51:51
(2 years ago) |
|
| Affected | <= 1.37 |
CVE-2017-1000502
|
MAVEN:GHSA-WP79-CPV2-9G7M
|
Arbitrary shell command execution in Jenkins EC2 Plugin | high |
2022-05-14T03:45:21
(2 years ago) |
|
| Fixed | = 1.38 |
CVE-2017-1000502
|
MAVEN:GHSA-WP79-CPV2-9G7M
|
Arbitrary shell command execution in Jenkins EC2 Plugin | high |
2022-05-14T03:45:21
(2 years ago) |