pkg:maven/org.jenkins-ci.plugins/mercurial
Type
maven
Namespace
org.jenkins-ci.plugins
Name
mercurial
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/mercurial package.
High
2
Moderate
4
Medium
2
Low
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 2.11 |
CVE-2020-2306
|
JENKINS:SECURITY-2104 | Missing permission check in `mercurial` | medium |
2020-11-04T00:00:00
(3 years ago) |
|
Fixed | = 2.12 |
CVE-2020-2306
|
JENKINS:SECURITY-2104 | Missing permission check in `mercurial` | medium |
2020-11-04T00:00:00
(3 years ago) |
|
Affected | <= 2.11 |
CVE-2020-2305
|
JENKINS:SECURITY-2115 | XXE vulnerability in `mercurial` | high |
2020-11-04T00:00:00
(3 years ago) |
|
Fixed | = 2.12 |
CVE-2020-2305
|
JENKINS:SECURITY-2115 | XXE vulnerability in `mercurial` | high |
2020-11-04T00:00:00
(3 years ago) |
|
Affected | <= 2.16 |
CVE-2022-30947
CVE-2022-30948 CVE-2022-30949 |
JENKINS:SECURITY-2478 | Multiple SCM plugins can check out from the controller file system | low |
2022-05-17T00:00:00
(2 years ago) |
|
Fixed | = 2.16.1 |
CVE-2022-30947
CVE-2022-30948 CVE-2022-30949 |
JENKINS:SECURITY-2478 | Multiple SCM plugins can check out from the controller file system | low |
2022-05-17T00:00:00
(2 years ago) |
|
Affected | <= 1251.va_b_121f184902 |
CVE-2022-43410
|
JENKINS:SECURITY-2831 | Webhook endpoint discloses job names to unauthorized users in `mercurial` | medium |
2022-10-19T00:00:00
(23 months ago) |
|
Fixed | = 1260.vdfb_723cdcc81 |
CVE-2022-43410
|
JENKINS:SECURITY-2831 | Webhook endpoint discloses job names to unauthorized users in `mercurial` | medium |
2022-10-19T00:00:00
(23 months ago) |
|
Affected | <= 2.16 |
CVE-2022-30948
|
MAVEN:GHSA-5786-3QJG-MR88 | Path traversal in Jenkins Mercurial Plugin | low |
2022-05-18T00:00:39
(2 years ago) |
|
Fixed | = 2.16.1 |
CVE-2022-30948
|
MAVEN:GHSA-5786-3QJG-MR88 | Path traversal in Jenkins Mercurial Plugin | low |
2022-05-18T00:00:39
(2 years ago) |
|
Affected | <= 2.16 |
CVE-2022-30947
|
MAVEN:GHSA-84CM-VJWM-M979 | Path traversal in Jenkins Git Mercurial and Repo Plugins | high |
2022-05-18T00:00:39
(2 years ago) |
|
Fixed | = 2.16.1 |
CVE-2022-30947
|
MAVEN:GHSA-84CM-VJWM-M979 | Path traversal in Jenkins Git Mercurial and Repo Plugins | high |
2022-05-18T00:00:39
(2 years ago) |
|
Affected | < 2.16.1 |
CVE-2022-30949
|
MAVEN:GHSA-8VFC-FCR2-47PJ | Path traversal in Jenkins REPO Plugin | low |
2022-05-18T00:00:40
(2 years ago) |
|
Fixed | = 2.16.1 |
CVE-2022-30949
|
MAVEN:GHSA-8VFC-FCR2-47PJ | Path traversal in Jenkins REPO Plugin | low |
2022-05-18T00:00:40
(2 years ago) |
|
Affected | <= 2.2 |
CVE-2018-1000112
|
MAVEN:GHSA-F9CX-789C-W2MR | Incorrect Authorization in Jenkins Mercurial Plugin | moderate |
2022-05-13T01:48:32
(2 years ago) |
|
Fixed | = 2.3 |
CVE-2018-1000112
|
MAVEN:GHSA-F9CX-789C-W2MR | Incorrect Authorization in Jenkins Mercurial Plugin | moderate |
2022-05-13T01:48:32
(2 years ago) |
|
Affected | < 1260.vdfb |
CVE-2022-43410
|
MAVEN:GHSA-J7PG-863G-22P6 | Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin | moderate |
2022-10-19T19:00:18
(23 months ago) |
|
Fixed | = 1260.vdfb_723cdcc81 |
CVE-2022-43410
|
MAVEN:GHSA-J7PG-863G-22P6 | Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin | moderate |
2022-10-19T19:00:18
(23 months ago) |
|
Affected | < 2.8.1 = 2.9 = 2.10 = 2.11 |
CVE-2020-2306
|
MAVEN:GHSA-VRRC-3WWH-FRGX | Missing Authorization in Jenkins Mercurial Plugin | moderate |
2022-05-24T17:33:07
(2 years ago) |
|
Fixed | = 2.8.1 = 2.9.1 = 2.10.1 = 2.12 |
CVE-2020-2306
|
MAVEN:GHSA-VRRC-3WWH-FRGX | Missing Authorization in Jenkins Mercurial Plugin | moderate |
2022-05-24T17:33:07
(2 years ago) |
|
Affected | < 2.8.1 = 2.9 = 2.10 = 2.11 |
CVE-2020-2305
|
MAVEN:GHSA-X58R-WXC3-7PQR | XXE vulnerability in Jenkins Mercurial Plugin | moderate |
2022-05-24T17:33:07
(2 years ago) |
|
Fixed | = 2.8.1 = 2.9.1 = 2.10.1 = 2.12 |
CVE-2020-2305
|
MAVEN:GHSA-X58R-WXC3-7PQR | XXE vulnerability in Jenkins Mercurial Plugin | moderate |
2022-05-24T17:33:07
(2 years ago) |