pkg:maven/org.jenkins-ci.plugins/jira

Type maven

Namespace org.jenkins-ci.plugins

Name jira

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/jira package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/jira

High 1

Moderate 4

Medium 3

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 3.0.1		CVE-2018-1000412	JENKINS:SECURITY-1029	CSRF vulnerability and missing permission checks in Jira Plugin allowed capturing credentials	medium	2018-09-25T00:00:00 (6 years ago)
Fixed	= 3.0.2		CVE-2018-1000412	JENKINS:SECURITY-1029	CSRF vulnerability and missing permission checks in Jira Plugin allowed capturing credentials	medium	2018-09-25T00:00:00 (6 years ago)
Affected	<= 3.0.10		CVE-2019-16541	JENKINS:SECURITY-1106	Folder-scoped Jira sites in `jira` were able to access System-scoped credentials	medium	2019-11-21T00:00:00 (4 years ago)
Fixed	= 3.0.11		CVE-2019-16541	JENKINS:SECURITY-1106	Folder-scoped Jira sites in `jira` were able to access System-scoped credentials	medium	2019-11-21T00:00:00 (4 years ago)
Affected	<= 3.7		CVE-2022-29036 CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046	JENKINS:SECURITY-2617	Stored XSS vulnerabilities in multiple plugins providing additional parameter types	high	2022-04-12T00:00:00 (2 years ago)
Fixed	= 3.7.1 or 3.6.1		CVE-2022-29036 CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046	JENKINS:SECURITY-2617	Stored XSS vulnerabilities in multiple plugins providing additional parameter types	high	2022-04-12T00:00:00 (2 years ago)
Affected	<= 3.11		CVE-2023-49653	JENKINS:SECURITY-3225	Exposure of system-scoped credentials in `jira`	medium	2023-11-29T00:00:00 (9 months ago)
Fixed	= 3.12		CVE-2023-49653	JENKINS:SECURITY-3225	Exposure of system-scoped credentials in `jira`	medium	2023-11-29T00:00:00 (9 months ago)
Affected	<= 3.0.10		CVE-2019-16541	MAVEN:GHSA-98M4-M2C3-QXGQ	Jenkins JIRA Plugin allows users to select and use credentials with System scope	moderate	2022-05-24T17:01:40 (2 years ago)
Fixed	= 3.0.11		CVE-2019-16541	MAVEN:GHSA-98M4-M2C3-QXGQ	Jenkins JIRA Plugin allows users to select and use credentials with System scope	moderate	2022-05-24T17:01:40 (2 years ago)
Affected	<= 3.0.1		CVE-2018-1000412	MAVEN:GHSA-FPG6-XQJ4-J7WF	Jenkins Jira Plugin Incorrect Authorization vulnerability	moderate	2022-05-13T01:18:46 (2 years ago)
Fixed	= 3.0.2		CVE-2018-1000412	MAVEN:GHSA-FPG6-XQJ4-J7WF	Jenkins Jira Plugin Incorrect Authorization vulnerability	moderate	2022-05-13T01:18:46 (2 years ago)
Affected	< 3.6.1 >= 3.7.0, < 3.7.1		CVE-2022-29041	MAVEN:GHSA-M3P3-2GP6-GHQ8	Stored Cross-site Scripting vulnerability in Jenkins Jira Plugin	moderate	2022-04-13T00:00:17 (2 years ago)
Fixed	= 3.6.1 = 3.7.1		CVE-2022-29041	MAVEN:GHSA-M3P3-2GP6-GHQ8	Stored Cross-site Scripting vulnerability in Jenkins Jira Plugin	moderate	2022-04-13T00:00:17 (2 years ago)
Affected	< 3.12		CVE-2023-49653	MAVEN:GHSA-QMHQ-876F-CR65	Jenkins Jira Plugin vulnerable to exposure of system-scoped credentials	moderate	2023-11-29T15:30:21 (9 months ago)
Fixed	= 3.12		CVE-2023-49653	MAVEN:GHSA-QMHQ-876F-CR65	Jenkins Jira Plugin vulnerable to exposure of system-scoped credentials	moderate	2023-11-29T15:30:21 (9 months ago)