pkg:maven/org.jenkins-ci.plugins/jobConfigHistory
Type
maven
Namespace
org.jenkins-ci.plugins
Name
jobConfigHistory
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/jobConfigHistory package.
High
4
Moderate
6
Medium
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 2.18 |
CVE-2018-1000416
|
 JENKINS:SECURITY-1130
|
Reflected XSS vulnerability in Job Config History Plugin | medium |
2018-09-25T00:00:00
(6 years ago) |
|
| Fixed | = 2.18.1 |
CVE-2018-1000416
|
JENKINS:SECURITY-1130
|
Reflected XSS vulnerability in Job Config History Plugin | medium |
2018-09-25T00:00:00
(6 years ago) |
|
| Affected | <= 1165.v8cc9fd1f4597 |
CVE-2022-38664
|
JENKINS:SECURITY-2765
|
Stored XSS vulnerability in `jobConfigHistory` | high |
2022-08-23T00:00:00
(2 years ago) |
|
| Fixed | = 1166.vc9f255f45b_8a |
CVE-2022-38664
|
JENKINS:SECURITY-2765
|
Stored XSS vulnerability in `jobConfigHistory` | high |
2022-08-23T00:00:00
(2 years ago) |
|
| Affected | <= 1155.v28a_46a_cc06a_5 |
CVE-2022-36887
|
JENKINS:SECURITY-2766
|
CSRF vulnerability in `jobConfigHistory` | medium |
2022-07-27T00:00:00
(2 years ago) |
|
| Fixed | = 1156.v536a_97b_8d649 |
CVE-2022-36887
|
JENKINS:SECURITY-2766
|
CSRF vulnerability in `jobConfigHistory` | medium |
2022-07-27T00:00:00
(2 years ago) |
|
| Affected | <= 1227.v7a_79fc4dc01f |
CVE-2023-41930
CVE-2023-41931 |
JENKINS:SECURITY-3233
|
Path traversal allows exploiting XSS vulnerability in `jobConfigHistory` | high |
2023-09-06T00:00:00
(12 months ago) |
|
| Fixed | = 1229.v3039470161a_d |
CVE-2023-41930
CVE-2023-41931 |
JENKINS:SECURITY-3233
|
Path traversal allows exploiting XSS vulnerability in `jobConfigHistory` | high |
2023-09-06T00:00:00
(12 months ago) |
|
| Affected | <= 1227.v7a_79fc4dc01f |
CVE-2023-41932
CVE-2023-41933 |
JENKINS:SECURITY-3235
|
Path traversal allows exploiting XXE vulnerability in `jobConfigHistory` | high |
2023-09-06T00:00:00
(12 months ago) |
|
| Fixed | = 1229.v3039470161a_d |
CVE-2023-41932
CVE-2023-41933 |
JENKINS:SECURITY-3235
|
Path traversal allows exploiting XXE vulnerability in `jobConfigHistory` | high |
2023-09-06T00:00:00
(12 months ago) |
|
| Affected | <= 1165.v8cc9fd1f4597 |
CVE-2022-38664
|
 MAVEN:GHSA-28W4-H56G-GRG7
|
Cross-site Scripting in Jenkins Job Configuration History Plugin | moderate |
2022-08-24T00:00:28
(2 years ago) |
|
| Fixed | = 1166.vc9f255f45b |
CVE-2022-38664
|
MAVEN:GHSA-28W4-H56G-GRG7
|
Cross-site Scripting in Jenkins Job Configuration History Plugin | moderate |
2022-08-24T00:00:28
(2 years ago) |
|
| Affected | <= 1227.v7a |
CVE-2023-41931
|
MAVEN:GHSA-5JXP-F5RR-G6JC
|
XSS vulnerability in Jenkins Job Configuration History Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Fixed | = 1229.v3039470161a_d |
CVE-2023-41931
|
MAVEN:GHSA-5JXP-F5RR-G6JC
|
XSS vulnerability in Jenkins Job Configuration History Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Affected | <= 1227.v7a |
CVE-2023-41930
|
MAVEN:GHSA-C7R5-CWW9-64Q6
|
Path traversal in Jenkins Job Configuration History Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Fixed | = 1229.v3039470161a_d |
CVE-2023-41930
|
MAVEN:GHSA-C7R5-CWW9-64Q6
|
Path traversal in Jenkins Job Configuration History Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Affected | <= 1227.v7a |
CVE-2023-41932
|
MAVEN:GHSA-CGH7-RGQG-HRCX
|
Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Fixed | = 1229.v3039470161a_d |
CVE-2023-41932
|
MAVEN:GHSA-CGH7-RGQG-HRCX
|
Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Affected | < 1229.v3039470161a |
CVE-2023-41933
|
MAVEN:GHSA-GHJW-FCF6-RPR9
|
Job Configuration History Plugin's path traversal allows exploiting XXE vulnerability | high |
2023-09-06T15:30:26
(12 months ago) |
|
| Fixed | = 1229.v3039470161a_d |
CVE-2023-41933
|
MAVEN:GHSA-GHJW-FCF6-RPR9
|
Job Configuration History Plugin's path traversal allows exploiting XXE vulnerability | high |
2023-09-06T15:30:26
(12 months ago) |
|
| Affected | <= 1155.v28a |
CVE-2022-36887
|
MAVEN:GHSA-J896-J72W-CR32
|
Jenkins Job Configuration History Plugin does not require POST requests for several HTTP endpoints | moderate |
2022-07-28T00:00:43
(2 years ago) |
|
| Fixed | = 1156.v536a_97b_8d649 |
CVE-2022-36887
|
MAVEN:GHSA-J896-J72W-CR32
|
Jenkins Job Configuration History Plugin does not require POST requests for several HTTP endpoints | moderate |
2022-07-28T00:00:43
(2 years ago) |
|
| Affected | <= 2.18 |
CVE-2018-1000416
|
MAVEN:GHSA-W3R4-VX9W-F7P7
|
Jenkins Job Config History Plugin reflected XSS vulnerability | moderate |
2022-05-14T00:53:49
(2 years ago) |
|
| Fixed | = 2.18.1 |
CVE-2018-1000416
|
MAVEN:GHSA-W3R4-VX9W-F7P7
|
Jenkins Job Config History Plugin reflected XSS vulnerability | moderate |
2022-05-14T00:53:49
(2 years ago) |