pkg:maven/org.jenkins-ci.plugins/github

Type maven

Namespace org.jenkins-ci.plugins

Name github

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/github package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/github

High 1

Medium 3

Low 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 1.34.4		CVE-2022-36885	JENKINS:SECURITY-1849	Non-constant time webhook signature comparison in `github`	low	2022-07-27T00:00:00 (2 years ago)
Fixed	= 1.34.5		CVE-2022-36885	JENKINS:SECURITY-1849	Non-constant time webhook signature comparison in `github`	low	2022-07-27T00:00:00 (2 years ago)
Affected	<= 1.37.3		CVE-2023-46650	JENKINS:SECURITY-3246	Stored XSS vulnerability in `github`	high	2023-10-25T00:00:00 (10 months ago)
Fixed	= 1.37.3.1		CVE-2023-46650	JENKINS:SECURITY-3246	Stored XSS vulnerability in `github`	high	2023-10-25T00:00:00 (10 months ago)
Affected	<= 1.29.0		CVE-2018-1000184	JENKINS:SECURITY-799	Server-side request forgery vulnerability in GitHub Plugin	medium	2018-06-04T00:00:00 (6 years ago)
Fixed	= 1.29.1		CVE-2018-1000184	JENKINS:SECURITY-799	Server-side request forgery vulnerability in GitHub Plugin	medium	2018-06-04T00:00:00 (6 years ago)
Affected	<= 1.29.0		CVE-2018-1000183	JENKINS:SECURITY-804	CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials	medium	2018-06-04T00:00:00 (6 years ago)
Fixed	= 1.29.1		CVE-2018-1000183	JENKINS:SECURITY-804	CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials	medium	2018-06-04T00:00:00 (6 years ago)
Affected	<= 1.29.1		CVE-2018-1000600	JENKINS:SECURITY-915	CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials	medium	2018-06-25T00:00:00 (6 years ago)
Fixed	= 1.29.2		CVE-2018-1000600	JENKINS:SECURITY-915	CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials	medium	2018-06-25T00:00:00 (6 years ago)