1. Home
  2. Packages
  3. maven
  4. org.jenkins-ci.plugins
  5. liquibase-runner

pkg:maven/org.jenkins-ci.plugins/liquibase-runner

Type maven
Namespace org.jenkins-ci.plugins
Name liquibase-runner

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/liquibase-runner package.

Repository
https://mvnrepository.com/artifact/org.jenkins-ci.plugins/liquibase-runner
High 5
Moderate 2
Medium 1
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected <= 1.4.5 CVE-2020-2283
jenkins JENKINS:SECURITY-1885 Stored XSS vulnerability in `liquibase-runner` high 2020-09-23T00:00:00
(4 years ago)
Fixed = 1.4.7 CVE-2020-2283
jenkins JENKINS:SECURITY-1885 Stored XSS vulnerability in `liquibase-runner` high 2020-09-23T00:00:00
(4 years ago)
Affected <= 1.4.5 CVE-2020-2284
jenkins JENKINS:SECURITY-1887 XXE vulnerability in `liquibase-runner` high 2020-09-23T00:00:00
(4 years ago)
Fixed = 1.4.7 CVE-2020-2284
jenkins JENKINS:SECURITY-1887 XXE vulnerability in `liquibase-runner` high 2020-09-23T00:00:00
(4 years ago)
Affected <= 1.4.7 CVE-2020-2285
jenkins JENKINS:SECURITY-2030 Missing permission check in `liquibase-runner` allows enumerating credentials IDs medium 2020-09-23T00:00:00
(4 years ago)
Fixed = 1.4.8 CVE-2020-2285
jenkins JENKINS:SECURITY-2030 Missing permission check in `liquibase-runner` allows enumerating credentials IDs medium 2020-09-23T00:00:00
(4 years ago)
Affected <= 1.3.0 CVE-2018-1000146
jenkins JENKINS:SECURITY-519 Liquibase Runner Plugin allows users to load arbitrary Java code into controller JVM high 2018-03-26T00:00:00
(6 years ago)
Affected < 1.4.3 CVE-2018-1000146
maven MAVEN:GHSA-3HVC-XWJP-XR8M Liquibase Runner Plugin allows users to load arbitrary Java code into controller JVM high 2022-05-13T01:48:33
(2 years ago)
Fixed = 1.4.3 CVE-2018-1000146
maven MAVEN:GHSA-3HVC-XWJP-XR8M Liquibase Runner Plugin allows users to load arbitrary Java code into controller JVM high 2022-05-13T01:48:33
(2 years ago)
Affected <= 1.4.7 CVE-2020-2285
maven MAVEN:GHSA-44CM-P9Q7-RR3P Missing permission check in Jenkins Liquibase Runner Plugin allows enumerating credentials IDs moderate 2022-05-24T17:29:16
(2 years ago)
Fixed = 1.4.8 CVE-2020-2285
maven MAVEN:GHSA-44CM-P9Q7-RR3P Missing permission check in Jenkins Liquibase Runner Plugin allows enumerating credentials IDs moderate 2022-05-24T17:29:16
(2 years ago)
Affected <= 1.4.5 CVE-2020-2283
maven MAVEN:GHSA-9HG7-XMF8-JXF9 Stored XSS vulnerability in Jenkins Liquibase Runner Plugin moderate 2022-05-24T17:29:16
(2 years ago)
Fixed = 1.4.6 CVE-2020-2283
maven MAVEN:GHSA-9HG7-XMF8-JXF9 Stored XSS vulnerability in Jenkins Liquibase Runner Plugin moderate 2022-05-24T17:29:16
(2 years ago)
Affected <= 1.4.5 CVE-2020-2284
maven MAVEN:GHSA-XX7G-F287-F9FQ XXE vulnerability in Jenkins Liquibase Runner Plugin high 2022-05-24T17:29:16
(2 years ago)
Fixed = 1.4.7 CVE-2020-2284
maven MAVEN:GHSA-XX7G-F287-F9FQ XXE vulnerability in Jenkins Liquibase Runner Plugin high 2022-05-24T17:29:16
(2 years ago)