1. Home
  2. Packages
  3. maven
  4. org.jenkins-ci.plugins
  5. icescrum

pkg:maven/org.jenkins-ci.plugins/icescrum

Type maven
Namespace org.jenkins-ci.plugins
Name icescrum

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/icescrum package.

Repository
https://mvnrepository.com/artifact/org.jenkins-ci.plugins/icescrum
High 3
Moderate 2
Medium 2
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected <= 1.1.5 CVE-2019-10443
jenkins JENKINS:SECURITY-1436 `icescrum` stored credentials in plain text medium 2019-10-16T00:00:00
(4 years ago)
Fixed = 1.1.6 CVE-2019-10443
jenkins JENKINS:SECURITY-1436 `icescrum` stored credentials in plain text medium 2019-10-16T00:00:00
(4 years ago)
Affected <= 1.1.5 CVE-2019-10441
CVE-2019-10442
jenkins JENKINS:SECURITY-1484 CSRF vulnerability and missing permission check in `icescrum` medium 2019-10-16T00:00:00
(4 years ago)
Fixed = 1.1.6 CVE-2019-10441
CVE-2019-10442
jenkins JENKINS:SECURITY-1484 CSRF vulnerability and missing permission check in `icescrum` medium 2019-10-16T00:00:00
(4 years ago)
Affected <= 1.1.6 CVE-2024-28160
jenkins JENKINS:SECURITY-3248 Stored XSS vulnerability in `icescrum` high 2024-03-06T00:00:00
(6 months ago)
Affected <= 1.1.6 CVE-2024-28160
maven MAVEN:GHSA-2PC2-H97H-2MMW Jenkins iceScrum Plugin vulnerable to stored Cross-site Scripting high 2024-03-06T18:30:39
(6 months ago)
Affected < 1.1.5 CVE-2019-10443
maven MAVEN:GHSA-362P-56C9-Q273 Jenkins iceScrum Plugin stores credentials in Cleartext high 2022-05-24T16:58:49
(2 years ago)
Fixed = 1.1.5 CVE-2019-10443
maven MAVEN:GHSA-362P-56C9-Q273 Jenkins iceScrum Plugin stores credentials in Cleartext high 2022-05-24T16:58:49
(2 years ago)
Affected < 1.1.6 CVE-2019-10442
maven MAVEN:GHSA-H5CX-W235-58HM Jenkins iceScrum Plugin vulnerable to Missing Authorization moderate 2022-05-24T16:58:49
(2 years ago)
Fixed = 1.1.6 CVE-2019-10442
maven MAVEN:GHSA-H5CX-W235-58HM Jenkins iceScrum Plugin vulnerable to Missing Authorization moderate 2022-05-24T16:58:49
(2 years ago)
Affected < 1.1.6 CVE-2019-10441
maven MAVEN:GHSA-RXVX-9WG5-QPWW Jenkins iceScrum Plugin vulnerable to Cross-site Request Forgery moderate 2022-05-24T16:58:49
(2 years ago)
Fixed = 1.1.6 CVE-2019-10441
maven MAVEN:GHSA-RXVX-9WG5-QPWW Jenkins iceScrum Plugin vulnerable to Cross-site Request Forgery moderate 2022-05-24T16:58:49
(2 years ago)