pkg:maven/org.jenkins-ci.plugins/neuvector-vulnerability-scanner
Type
maven
Namespace
org.jenkins-ci.plugins
Name
neuvector-vulnerability-scanner
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/neuvector-vulnerability-scanner package.
High
1
Medium
2
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.5 |
CVE-2019-10430
|
JENKINS:SECURITY-1504 | `neuvector-vulnerability-scanner` stored credentials in plain text | low |
2019-09-25T00:00:00
(5 years ago) |
|
Fixed | = 1.6 |
CVE-2019-10430
|
JENKINS:SECURITY-1504 | `neuvector-vulnerability-scanner` stored credentials in plain text | low |
2019-09-25T00:00:00
(5 years ago) |
|
Affected | <= 1.22 |
CVE-2023-30517
|
JENKINS:SECURITY-2841 | SSL/TLS certificate validation unconditionally disabled by `neuvector-vulnerability-scanner` | medium |
2023-04-12T00:00:00
(17 months ago) |
|
Affected | <= 1.20 |
CVE-2022-43434
|
JENKINS:SECURITY-2865 | Content-Security-Policy protection for user content disabled by `neuvector-vulnerability-scanner` | high |
2022-10-19T00:00:00
(23 months ago) |
|
Affected | <= 1.22 |
CVE-2023-49673
CVE-2023-49674 |
JENKINS:SECURITY-3256 | CSRF vulnerability and missing permission checks in `neuvector-vulnerability-scanner` | medium |
2023-11-29T00:00:00
(9 months ago) |
|
Fixed | = 2.2 |
CVE-2023-49673
CVE-2023-49674 |
JENKINS:SECURITY-3256 | CSRF vulnerability and missing permission checks in `neuvector-vulnerability-scanner` | medium |
2023-11-29T00:00:00
(9 months ago) |