pkg:maven/org.jenkins-ci.plugins/mercurial

Type maven

Namespace org.jenkins-ci.plugins

Name mercurial

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/mercurial package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/mercurial

High 2

Moderate 4

Medium 2

Low 3

Type	Version	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 2.11	CVE-2020-2306	JENKINS:SECURITY-2104	Missing permission check in `mercurial`	medium	2020-11-04T00:00:00 (3 years ago)
Fixed	= 2.12	CVE-2020-2306	JENKINS:SECURITY-2104	Missing permission check in `mercurial`	medium	2020-11-04T00:00:00 (3 years ago)
Affected	<= 2.11	CVE-2020-2305	JENKINS:SECURITY-2115	XXE vulnerability in `mercurial`	high	2020-11-04T00:00:00 (3 years ago)
Fixed	= 2.12	CVE-2020-2305	JENKINS:SECURITY-2115	XXE vulnerability in `mercurial`	high	2020-11-04T00:00:00 (3 years ago)
Affected	<= 2.16	CVE-2022-30947 CVE-2022-30948 CVE-2022-30949	JENKINS:SECURITY-2478	Multiple SCM plugins can check out from the controller file system	low	2022-05-17T00:00:00 (2 years ago)
Fixed	= 2.16.1	CVE-2022-30947 CVE-2022-30948 CVE-2022-30949	JENKINS:SECURITY-2478	Multiple SCM plugins can check out from the controller file system	low	2022-05-17T00:00:00 (2 years ago)
Affected	<= 1251.va_b_121f184902	CVE-2022-43410	JENKINS:SECURITY-2831	Webhook endpoint discloses job names to unauthorized users in `mercurial`	medium	2022-10-19T00:00:00 (23 months ago)
Fixed	= 1260.vdfb_723cdcc81	CVE-2022-43410	JENKINS:SECURITY-2831	Webhook endpoint discloses job names to unauthorized users in `mercurial`	medium	2022-10-19T00:00:00 (23 months ago)
Affected	<= 2.16	CVE-2022-30948	MAVEN:GHSA-5786-3QJG-MR88	Path traversal in Jenkins Mercurial Plugin	low	2022-05-18T00:00:39 (2 years ago)
Fixed	= 2.16.1	CVE-2022-30948	MAVEN:GHSA-5786-3QJG-MR88	Path traversal in Jenkins Mercurial Plugin	low	2022-05-18T00:00:39 (2 years ago)
Affected	<= 2.16	CVE-2022-30947	MAVEN:GHSA-84CM-VJWM-M979	Path traversal in Jenkins Git Mercurial and Repo Plugins	high	2022-05-18T00:00:39 (2 years ago)
Fixed	= 2.16.1	CVE-2022-30947	MAVEN:GHSA-84CM-VJWM-M979	Path traversal in Jenkins Git Mercurial and Repo Plugins	high	2022-05-18T00:00:39 (2 years ago)
Affected	< 2.16.1	CVE-2022-30949	MAVEN:GHSA-8VFC-FCR2-47PJ	Path traversal in Jenkins REPO Plugin	low	2022-05-18T00:00:40 (2 years ago)
Fixed	= 2.16.1	CVE-2022-30949	MAVEN:GHSA-8VFC-FCR2-47PJ	Path traversal in Jenkins REPO Plugin	low	2022-05-18T00:00:40 (2 years ago)
Affected	<= 2.2	CVE-2018-1000112	MAVEN:GHSA-F9CX-789C-W2MR	Incorrect Authorization in Jenkins Mercurial Plugin	moderate	2022-05-13T01:48:32 (2 years ago)
Fixed	= 2.3	CVE-2018-1000112	MAVEN:GHSA-F9CX-789C-W2MR	Incorrect Authorization in Jenkins Mercurial Plugin	moderate	2022-05-13T01:48:32 (2 years ago)
Affected	< 1260.vdfb	CVE-2022-43410	MAVEN:GHSA-J7PG-863G-22P6	Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin	moderate	2022-10-19T19:00:18 (23 months ago)
Fixed	= 1260.vdfb_723cdcc81	CVE-2022-43410	MAVEN:GHSA-J7PG-863G-22P6	Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin	moderate	2022-10-19T19:00:18 (23 months ago)
Affected	< 2.8.1 = 2.9 = 2.10 = 2.11	CVE-2020-2306	MAVEN:GHSA-VRRC-3WWH-FRGX	Missing Authorization in Jenkins Mercurial Plugin	moderate	2022-05-24T17:33:07 (2 years ago)
Fixed	= 2.8.1 = 2.9.1 = 2.10.1 = 2.12	CVE-2020-2306	MAVEN:GHSA-VRRC-3WWH-FRGX	Missing Authorization in Jenkins Mercurial Plugin	moderate	2022-05-24T17:33:07 (2 years ago)
Affected	< 2.8.1 = 2.9 = 2.10 = 2.11	CVE-2020-2305	MAVEN:GHSA-X58R-WXC3-7PQR	XXE vulnerability in Jenkins Mercurial Plugin	moderate	2022-05-24T17:33:07 (2 years ago)
Fixed	= 2.8.1 = 2.9.1 = 2.10.1 = 2.12	CVE-2020-2305	MAVEN:GHSA-X58R-WXC3-7PQR	XXE vulnerability in Jenkins Mercurial Plugin	moderate	2022-05-24T17:33:07 (2 years ago)