pkg:maven/org.jenkins-ci.plugins/elasticbox
Type
maven
Namespace
org.jenkins-ci.plugins
Name
elasticbox
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/elasticbox package.
High
1
Moderate
1
Medium
1
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 5.0.1 |
CVE-2019-10450
|
JENKINS:SECURITY-1434 | `elasticbox` stores access token in plain text | low |
2019-10-16T00:00:00
(4 years ago) |
|
Affected | <= 5.0.1 |
CVE-2023-37964
CVE-2023-37965 |
JENKINS:SECURITY-3131 | CSRF vulnerability and missing permission checks in `elasticbox` allow capturing credentials | medium |
2023-07-12T00:00:00
(14 months ago) |
|
Affected | <= 5.0.3 |
CVE-2023-37964
|
MAVEN:GHSA-5V46-54VJ-4MJQ | Jenkins ElasticBox CI Plugin vulnerable to cross-site request forgery | high |
2023-07-12T18:30:39
(14 months ago) |
|
Affected | <= 5.0.3 |
CVE-2023-37965
|
MAVEN:GHSA-GG44-XM5P-X9CM | Jenkins ElasticBox CI Plugin missing permission check | moderate |
2023-07-12T18:30:39
(14 months ago) |