pkg:maven/org.jenkins-ci.plugins/google-login
Type
maven
Namespace
org.jenkins-ci.plugins
Name
google-login
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/google-login package.
High
1
Moderate
4
Medium
3
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.6 |
CVE-2022-46683
|
JENKINS:SECURITY-2967 | Open redirect vulnerability in `google-login` | medium |
2022-12-07T00:00:00
(21 months ago) |
|
Fixed | = 1.7 |
CVE-2022-46683
|
JENKINS:SECURITY-2967 | Open redirect vulnerability in `google-login` | medium |
2022-12-07T00:00:00
(21 months ago) |
|
Affected | <= 1.7 |
CVE-2023-41936
|
JENKINS:SECURITY-3228 | Non-constant time token comparison in `google-login` | low |
2023-09-06T00:00:00
(12 months ago) |
|
Fixed | = 1.8 |
CVE-2023-41936
|
JENKINS:SECURITY-3228 | Non-constant time token comparison in `google-login` | low |
2023-09-06T00:00:00
(12 months ago) |
|
Affected | <= 1.3 |
CVE-2018-1000173
|
JENKINS:SECURITY-442 | Session fixation vulnerability in Google Login Plugin | medium |
2018-04-16T00:00:00
(6 years ago) |
|
Fixed | = 1.3.1 |
CVE-2018-1000173
|
JENKINS:SECURITY-442 | Session fixation vulnerability in Google Login Plugin | medium |
2018-04-16T00:00:00
(6 years ago) |
|
Affected | <= 1.3 |
CVE-2018-1000174
|
JENKINS:SECURITY-684 | Open redirect vulnerability in Google Login Plugin | medium |
2018-04-16T00:00:00
(6 years ago) |
|
Fixed | = 1.3.1 |
CVE-2018-1000174
|
JENKINS:SECURITY-684 | Open redirect vulnerability in Google Login Plugin | medium |
2018-04-16T00:00:00
(6 years ago) |
|
Affected | <= 1.7 |
CVE-2023-41936
|
MAVEN:GHSA-G58X-57FV-86JH | Jenkins Google Login Plugin non-constant time token comparison | high |
2023-09-06T15:30:26
(12 months ago) |
|
Fixed | = 1.8 |
CVE-2023-41936
|
MAVEN:GHSA-G58X-57FV-86JH | Jenkins Google Login Plugin non-constant time token comparison | high |
2023-09-06T15:30:26
(12 months ago) |
|
Affected | <= 1.3 |
CVE-2018-1000174
|
MAVEN:GHSA-J279-CX9M-JV3W | Jenkins Google Login Plugin Open Redirect vulnerability | moderate |
2022-05-14T03:18:40
(2 years ago) |
|
Fixed | = 1.3.1 |
CVE-2018-1000174
|
MAVEN:GHSA-J279-CX9M-JV3W | Jenkins Google Login Plugin Open Redirect vulnerability | moderate |
2022-05-14T03:18:40
(2 years ago) |
|
Affected | >= 1.0, < 1.2 |
CVE-2015-5298
|
MAVEN:GHSA-P487-39H9-HM84 | Jenkins Google Login Plugin 1.0 and 1.1 allows anonymous users to authenticate through client-side request modification | moderate |
2022-07-08T00:00:43
(2 years ago) |
|
Fixed | = 1.2 |
CVE-2015-5298
|
MAVEN:GHSA-P487-39H9-HM84 | Jenkins Google Login Plugin 1.0 and 1.1 allows anonymous users to authenticate through client-side request modification | moderate |
2022-07-08T00:00:43
(2 years ago) |
|
Affected | <= 1.3 |
CVE-2018-1000173
|
MAVEN:GHSA-RP82-XVG3-727C | Jenkins Google Login Plugin Session Fixation vulnerability | moderate |
2022-05-14T03:18:40
(2 years ago) |
|
Fixed | = 1.3.1 |
CVE-2018-1000173
|
MAVEN:GHSA-RP82-XVG3-727C | Jenkins Google Login Plugin Session Fixation vulnerability | moderate |
2022-05-14T03:18:40
(2 years ago) |
|
Affected | >= 1.4, < 1.7 |
CVE-2022-46683
|
MAVEN:GHSA-V93C-CXJ5-C398 | Jenkins Google Login Plugin Open Redirect vulnerability | moderate |
2022-12-12T09:30:35
(21 months ago) |
|
Fixed | = 1.7 |
CVE-2022-46683
|
MAVEN:GHSA-V93C-CXJ5-C398 | Jenkins Google Login Plugin Open Redirect vulnerability | moderate |
2022-12-12T09:30:35
(21 months ago) |