1. Home
  2. Packages
  3. maven
  4. org.jenkins-ci.plugins
  5. gitlab-plugin

pkg:maven/org.jenkins-ci.plugins/gitlab-plugin

Type maven
Namespace org.jenkins-ci.plugins
Name gitlab-plugin

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/gitlab-plugin package.

Repository
https://mvnrepository.com/artifact/org.jenkins-ci.plugins/gitlab-plugin
High 4
Moderate 1
Medium 2
Low 2
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected <= 1.5.11 CVE-2019-10300
jenkins JENKINS:SECURITY-1357 CSRF vulnerability and missing permission checks in `gitlab-plugin` allowed capturing credentials medium 2019-04-17T00:00:00
(5 years ago)
Fixed = 1.5.12 CVE-2019-10300
jenkins JENKINS:SECURITY-1357 CSRF vulnerability and missing permission checks in `gitlab-plugin` allowed capturing credentials medium 2019-04-17T00:00:00
(5 years ago)
Affected <= 1.5.34 CVE-2022-34777
jenkins JENKINS:SECURITY-2316 Stored XSS vulnerability in `gitlab-plugin` high 2022-06-30T00:00:00
(2 years ago)
Fixed = 1.5.35 CVE-2022-34777
jenkins JENKINS:SECURITY-2316 Stored XSS vulnerability in `gitlab-plugin` high 2022-06-30T00:00:00
(2 years ago)
Affected <= 1.5.31 CVE-2022-30955
jenkins JENKINS:SECURITY-2753 Missing permission check in `gitlab-plugin` allows enumerating credentials IDs medium 2022-05-17T00:00:00
(2 years ago)
Fixed = 1.5.32 CVE-2022-30955
jenkins JENKINS:SECURITY-2753 Missing permission check in `gitlab-plugin` allows enumerating credentials IDs medium 2022-05-17T00:00:00
(2 years ago)
Affected <= 1.5.35 CVE-2022-43411
jenkins JENKINS:SECURITY-2877 Non-constant time webhook token comparison in `gitlab-plugin` low 2022-10-19T00:00:00
(23 months ago)
Fixed = 1.5.36 CVE-2022-43411
jenkins JENKINS:SECURITY-2877 Non-constant time webhook token comparison in `gitlab-plugin` low 2022-10-19T00:00:00
(23 months ago)
Affected < 1.5.32 CVE-2022-30955
maven MAVEN:GHSA-5PHJ-QV74-PV4W Missing permission check in Jenkins GitLab Plugin moderate 2022-05-18T00:00:40
(2 years ago)
Fixed = 1.5.32 CVE-2022-30955
maven MAVEN:GHSA-5PHJ-QV74-PV4W Missing permission check in Jenkins GitLab Plugin moderate 2022-05-18T00:00:40
(2 years ago)
Affected <= 1.5.11 CVE-2019-10301
maven MAVEN:GHSA-923W-9P3X-HMGW Jenkins GitLab Plugin missing permission checks high 2022-05-24T16:43:53
(2 years ago)
Fixed = 1.5.12 CVE-2019-10301
maven MAVEN:GHSA-923W-9P3X-HMGW Jenkins GitLab Plugin missing permission checks high 2022-05-24T16:43:53
(2 years ago)
Affected <= 1.5.34 CVE-2022-34777
maven MAVEN:GHSA-F655-XHVM-CWP4 Cross-site Scripting in Jenkins GitLab Plugin high 2022-07-01T00:01:07
(2 years ago)
Fixed = 1.5.35 CVE-2022-34777
maven MAVEN:GHSA-F655-XHVM-CWP4 Cross-site Scripting in Jenkins GitLab Plugin high 2022-07-01T00:01:07
(2 years ago)
Affected <= 1.5.35 CVE-2022-43411
maven MAVEN:GHSA-F9F9-4R63-4QCC Non-constant time webhook token comparison in Jenkins GitLab Plugin low 2022-10-19T19:00:22
(23 months ago)
Fixed = 1.5.36 CVE-2022-43411
maven MAVEN:GHSA-F9F9-4R63-4QCC Non-constant time webhook token comparison in Jenkins GitLab Plugin low 2022-10-19T19:00:22
(23 months ago)
Affected <= 1.5.11 CVE-2019-10300
maven MAVEN:GHSA-J365-62PX-VJJV Jenkins GitLab Plugin Cross-Site Request Forgery vulnerability high 2022-05-24T16:43:53
(2 years ago)
Fixed = 1.5.12 CVE-2019-10300
maven MAVEN:GHSA-J365-62PX-VJJV Jenkins GitLab Plugin Cross-Site Request Forgery vulnerability high 2022-05-24T16:43:53
(2 years ago)