pkg:maven/org.jenkins-ci.plugins/github-branch-source

Type maven

Namespace org.jenkins-ci.plugins

Name github-branch-source

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/github-branch-source package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/github-branch-source

Moderate 3

Medium 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 2.3.4		CVE-2018-1000185	JENKINS:SECURITY-806	Server-side request forgery vulnerability in GitHub Branch Source Plugin	medium	2018-06-04T00:00:00 (6 years ago)
Fixed	= 2.3.5		CVE-2018-1000185	JENKINS:SECURITY-806	Server-side request forgery vulnerability in GitHub Branch Source Plugin	medium	2018-06-04T00:00:00 (6 years ago)
Affected	< 2.2.0-alpha-1		CVE-2017-1000087	MAVEN:GHSA-6JP2-HGGX-8J7P	Jenkins GitHub Branch Source Plugin allows any user with Overall/Read permission to get list of valid credentials IDs	moderate	2022-05-17T00:29:00 (2 years ago)
Fixed	= 2.2.0-alpha-1		CVE-2017-1000087	MAVEN:GHSA-6JP2-HGGX-8J7P	Jenkins GitHub Branch Source Plugin allows any user with Overall/Read permission to get list of valid credentials IDs	moderate	2022-05-17T00:29:00 (2 years ago)
Affected	<= 2.3.4		CVE-2018-1000185	MAVEN:GHSA-9CFQ-V2HM-C3XR	Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery	moderate	2022-05-14T03:13:13 (2 years ago)
Fixed	= 2.3.5		CVE-2018-1000185	MAVEN:GHSA-9CFQ-V2HM-C3XR	Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery	moderate	2022-05-14T03:13:13 (2 years ago)
Affected	< 2.2.0-alpha-1		CVE-2017-1000091	MAVEN:GHSA-W66R-F5GG-GQWM	Jenkins GitHub Branch Source Plugin vulnerable to Cross-Site Request Forgery	moderate	2022-05-17T00:33:21 (2 years ago)
Fixed	= 2.2.0-alpha-1		CVE-2017-1000091	MAVEN:GHSA-W66R-F5GG-GQWM	Jenkins GitHub Branch Source Plugin vulnerable to Cross-Site Request Forgery	moderate	2022-05-17T00:33:21 (2 years ago)