pkg:maven/org.jenkins-ci.plugins/jira-steps

Type maven

Namespace org.jenkins-ci.plugins

Name jira-steps

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/jira-steps package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/jira-steps

Moderate 4

Medium 1

Low 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 2.0.165.v8846cf59f3db		CVE-2023-24439 CVE-2023-24440	JENKINS:SECURITY-2774	Keys stored in plain text by `jira-steps`	low	2023-01-24T00:00:00 (20 months ago)
Affected	<= 2.0.165.v8846cf59f3db		CVE-2023-24437 CVE-2023-24438	JENKINS:SECURITY-2786	CSRF vulnerability and missing permission checks in `jira-steps`	medium	2023-01-24T00:00:00 (20 months ago)
Affected	<= 2.0.165.v8846cf59f3db		CVE-2023-24440	MAVEN:GHSA-3G2G-RCM6-RRQ2	Cleartext Transmission of Sensitive Information in Jenkins JIRA Pipeline Steps Plugin	moderate	2023-01-26T21:30:18 (19 months ago)
Affected	<= 2.0.165.v8846cf59f3db		CVE-2023-24438	MAVEN:GHSA-6J27-3XFW-CJ2W	Missing permissions check in Jenkins JIRA Pipeline Steps Plugin	moderate	2023-01-26T21:30:18 (19 months ago)
Affected	<= 2.0.165.v8846cf59f3db		CVE-2023-24439	MAVEN:GHSA-G29V-5PWH-WXX4	Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin	moderate	2023-01-26T21:30:18 (19 months ago)
Affected	<= 2.0.165.v8846cf59f3db		CVE-2023-24437	MAVEN:GHSA-R3GM-JWF4-XGV2	Cross-site request forgery vulnerability in Jenkins JIRA Pipeline Steps Plugin	moderate	2023-01-26T21:30:18 (19 months ago)