1. Home
  2. Packages
  3. maven
  4. org.jenkins-ci.plugins
  5. miniorange-saml-sp

pkg:maven/org.jenkins-ci.plugins/miniorange-saml-sp

Type maven
Namespace org.jenkins-ci.plugins
Name miniorange-saml-sp

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/miniorange-saml-sp package.

Repository
https://mvnrepository.com/artifact/org.jenkins-ci.plugins/miniorange-saml-sp
High 1
Medium 4
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected <= 2.0.2 CVE-2023-32991
CVE-2023-32992
jenkins JENKINS:SECURITY-2993 CSRF vulnerability and missing permission checks in `miniorange-saml-sp` allow XXE high 2023-05-16T00:00:00
(16 months ago)
Fixed = 2.1.0 CVE-2023-32991
CVE-2023-32992
jenkins JENKINS:SECURITY-2993 CSRF vulnerability and missing permission checks in `miniorange-saml-sp` allow XXE high 2023-05-16T00:00:00
(16 months ago)
Affected <= 2.0.0 CVE-2023-32995
CVE-2023-32996
jenkins JENKINS:SECURITY-2994 CSRF vulnerability and missing permission check in `miniorange-saml-sp` medium 2023-05-16T00:00:00
(16 months ago)
Fixed = 2.0.1 CVE-2023-32995
CVE-2023-32996
jenkins JENKINS:SECURITY-2994 CSRF vulnerability and missing permission check in `miniorange-saml-sp` medium 2023-05-16T00:00:00
(16 months ago)
Affected <= 2.0.2 CVE-2023-32993
jenkins JENKINS:SECURITY-3001-1 Missing hostname validation in `miniorange-saml-sp` medium 2023-05-16T00:00:00
(16 months ago)
Fixed = 2.1.0 CVE-2023-32993
jenkins JENKINS:SECURITY-3001-1 Missing hostname validation in `miniorange-saml-sp` medium 2023-05-16T00:00:00
(16 months ago)
Affected <= 2.1.0 CVE-2023-32994
jenkins JENKINS:SECURITY-3001-2 SSL/TLS certificate validation unconditionally disabled by `miniorange-saml-sp` medium 2023-05-16T00:00:00
(16 months ago)
Fixed = 2.2.0 CVE-2023-32994
jenkins JENKINS:SECURITY-3001-2 SSL/TLS certificate validation unconditionally disabled by `miniorange-saml-sp` medium 2023-05-16T00:00:00
(16 months ago)
Affected <= 2.3.0 CVE-2023-37945
jenkins JENKINS:SECURITY-3164 Missing permission check in `miniorange-saml-sp` medium 2023-07-12T00:00:00
(14 months ago)
Fixed = 2.3.1 CVE-2023-37945
jenkins JENKINS:SECURITY-3164 Missing permission check in `miniorange-saml-sp` medium 2023-07-12T00:00:00
(14 months ago)