pkg:maven/org.jenkins-ci.plugins/icescrum
Type
maven
Namespace
org.jenkins-ci.plugins
Name
icescrum
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/icescrum package.
High
3
Moderate
2
Medium
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.1.5 |
CVE-2019-10443
|
JENKINS:SECURITY-1436 | `icescrum` stored credentials in plain text | medium |
2019-10-16T00:00:00
(4 years ago) |
|
Fixed | = 1.1.6 |
CVE-2019-10443
|
JENKINS:SECURITY-1436 | `icescrum` stored credentials in plain text | medium |
2019-10-16T00:00:00
(4 years ago) |
|
Affected | <= 1.1.5 |
CVE-2019-10441
CVE-2019-10442 |
JENKINS:SECURITY-1484 | CSRF vulnerability and missing permission check in `icescrum` | medium |
2019-10-16T00:00:00
(4 years ago) |
|
Fixed | = 1.1.6 |
CVE-2019-10441
CVE-2019-10442 |
JENKINS:SECURITY-1484 | CSRF vulnerability and missing permission check in `icescrum` | medium |
2019-10-16T00:00:00
(4 years ago) |
|
Affected | <= 1.1.6 |
CVE-2024-28160
|
JENKINS:SECURITY-3248 | Stored XSS vulnerability in `icescrum` | high |
2024-03-06T00:00:00
(6 months ago) |
|
Affected | <= 1.1.6 |
CVE-2024-28160
|
MAVEN:GHSA-2PC2-H97H-2MMW | Jenkins iceScrum Plugin vulnerable to stored Cross-site Scripting | high |
2024-03-06T18:30:39
(6 months ago) |
|
Affected | < 1.1.5 |
CVE-2019-10443
|
MAVEN:GHSA-362P-56C9-Q273 | Jenkins iceScrum Plugin stores credentials in Cleartext | high |
2022-05-24T16:58:49
(2 years ago) |
|
Fixed | = 1.1.5 |
CVE-2019-10443
|
MAVEN:GHSA-362P-56C9-Q273 | Jenkins iceScrum Plugin stores credentials in Cleartext | high |
2022-05-24T16:58:49
(2 years ago) |
|
Affected | < 1.1.6 |
CVE-2019-10442
|
MAVEN:GHSA-H5CX-W235-58HM | Jenkins iceScrum Plugin vulnerable to Missing Authorization | moderate |
2022-05-24T16:58:49
(2 years ago) |
|
Fixed | = 1.1.6 |
CVE-2019-10442
|
MAVEN:GHSA-H5CX-W235-58HM | Jenkins iceScrum Plugin vulnerable to Missing Authorization | moderate |
2022-05-24T16:58:49
(2 years ago) |
|
Affected | < 1.1.6 |
CVE-2019-10441
|
MAVEN:GHSA-RXVX-9WG5-QPWW | Jenkins iceScrum Plugin vulnerable to Cross-site Request Forgery | moderate |
2022-05-24T16:58:49
(2 years ago) |
|
Fixed | = 1.1.6 |
CVE-2019-10441
|
MAVEN:GHSA-RXVX-9WG5-QPWW | Jenkins iceScrum Plugin vulnerable to Cross-site Request Forgery | moderate |
2022-05-24T16:58:49
(2 years ago) |