pkg:maven/org.jenkins-ci.plugins/gitlab-plugin
Type
maven
Namespace
org.jenkins-ci.plugins
Name
gitlab-plugin
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/gitlab-plugin package.
High
4
Moderate
1
Medium
2
Low
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.5.11 |
CVE-2019-10300
|
JENKINS:SECURITY-1357 | CSRF vulnerability and missing permission checks in `gitlab-plugin` allowed capturing credentials | medium |
2019-04-17T00:00:00
(5 years ago) |
|
Fixed | = 1.5.12 |
CVE-2019-10300
|
JENKINS:SECURITY-1357 | CSRF vulnerability and missing permission checks in `gitlab-plugin` allowed capturing credentials | medium |
2019-04-17T00:00:00
(5 years ago) |
|
Affected | <= 1.5.34 |
CVE-2022-34777
|
JENKINS:SECURITY-2316 | Stored XSS vulnerability in `gitlab-plugin` | high |
2022-06-30T00:00:00
(2 years ago) |
|
Fixed | = 1.5.35 |
CVE-2022-34777
|
JENKINS:SECURITY-2316 | Stored XSS vulnerability in `gitlab-plugin` | high |
2022-06-30T00:00:00
(2 years ago) |
|
Affected | <= 1.5.31 |
CVE-2022-30955
|
JENKINS:SECURITY-2753 | Missing permission check in `gitlab-plugin` allows enumerating credentials IDs | medium |
2022-05-17T00:00:00
(2 years ago) |
|
Fixed | = 1.5.32 |
CVE-2022-30955
|
JENKINS:SECURITY-2753 | Missing permission check in `gitlab-plugin` allows enumerating credentials IDs | medium |
2022-05-17T00:00:00
(2 years ago) |
|
Affected | <= 1.5.35 |
CVE-2022-43411
|
JENKINS:SECURITY-2877 | Non-constant time webhook token comparison in `gitlab-plugin` | low |
2022-10-19T00:00:00
(23 months ago) |
|
Fixed | = 1.5.36 |
CVE-2022-43411
|
JENKINS:SECURITY-2877 | Non-constant time webhook token comparison in `gitlab-plugin` | low |
2022-10-19T00:00:00
(23 months ago) |
|
Affected | < 1.5.32 |
CVE-2022-30955
|
MAVEN:GHSA-5PHJ-QV74-PV4W | Missing permission check in Jenkins GitLab Plugin | moderate |
2022-05-18T00:00:40
(2 years ago) |
|
Fixed | = 1.5.32 |
CVE-2022-30955
|
MAVEN:GHSA-5PHJ-QV74-PV4W | Missing permission check in Jenkins GitLab Plugin | moderate |
2022-05-18T00:00:40
(2 years ago) |
|
Affected | <= 1.5.11 |
CVE-2019-10301
|
MAVEN:GHSA-923W-9P3X-HMGW | Jenkins GitLab Plugin missing permission checks | high |
2022-05-24T16:43:53
(2 years ago) |
|
Fixed | = 1.5.12 |
CVE-2019-10301
|
MAVEN:GHSA-923W-9P3X-HMGW | Jenkins GitLab Plugin missing permission checks | high |
2022-05-24T16:43:53
(2 years ago) |
|
Affected | <= 1.5.34 |
CVE-2022-34777
|
MAVEN:GHSA-F655-XHVM-CWP4 | Cross-site Scripting in Jenkins GitLab Plugin | high |
2022-07-01T00:01:07
(2 years ago) |
|
Fixed | = 1.5.35 |
CVE-2022-34777
|
MAVEN:GHSA-F655-XHVM-CWP4 | Cross-site Scripting in Jenkins GitLab Plugin | high |
2022-07-01T00:01:07
(2 years ago) |
|
Affected | <= 1.5.35 |
CVE-2022-43411
|
MAVEN:GHSA-F9F9-4R63-4QCC | Non-constant time webhook token comparison in Jenkins GitLab Plugin | low |
2022-10-19T19:00:22
(23 months ago) |
|
Fixed | = 1.5.36 |
CVE-2022-43411
|
MAVEN:GHSA-F9F9-4R63-4QCC | Non-constant time webhook token comparison in Jenkins GitLab Plugin | low |
2022-10-19T19:00:22
(23 months ago) |
|
Affected | <= 1.5.11 |
CVE-2019-10300
|
MAVEN:GHSA-J365-62PX-VJJV | Jenkins GitLab Plugin Cross-Site Request Forgery vulnerability | high |
2022-05-24T16:43:53
(2 years ago) |
|
Fixed | = 1.5.12 |
CVE-2019-10300
|
MAVEN:GHSA-J365-62PX-VJJV | Jenkins GitLab Plugin Cross-Site Request Forgery vulnerability | high |
2022-05-24T16:43:53
(2 years ago) |