pkg:maven/org.jenkins-ci.plugins/neuvector-vulnerability-scanner
Type
maven
Namespace
org.jenkins-ci.plugins
Name
neuvector-vulnerability-scanner
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/neuvector-vulnerability-scanner package.
High
1
Medium
2
Low
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 1.5 |
CVE-2019-10430
|
 JENKINS:SECURITY-1504
|
`neuvector-vulnerability-scanner` stored credentials in plain text | low |
2019-09-25T00:00:00
(5 years ago) |
|
| Fixed | = 1.6 |
CVE-2019-10430
|
JENKINS:SECURITY-1504
|
`neuvector-vulnerability-scanner` stored credentials in plain text | low |
2019-09-25T00:00:00
(5 years ago) |
|
| Affected | <= 1.22 |
CVE-2023-30517
|
JENKINS:SECURITY-2841
|
SSL/TLS certificate validation unconditionally disabled by `neuvector-vulnerability-scanner` | medium |
2023-04-12T00:00:00
(17 months ago) |
|
| Affected | <= 1.20 |
CVE-2022-43434
|
JENKINS:SECURITY-2865
|
Content-Security-Policy protection for user content disabled by `neuvector-vulnerability-scanner` | high |
2022-10-19T00:00:00
(23 months ago) |
|
| Affected | <= 1.22 |
CVE-2023-49673
CVE-2023-49674 |
JENKINS:SECURITY-3256
|
CSRF vulnerability and missing permission checks in `neuvector-vulnerability-scanner` | medium |
2023-11-29T00:00:00
(9 months ago) |
|
| Fixed | = 2.2 |
CVE-2023-49673
CVE-2023-49674 |
JENKINS:SECURITY-3256
|
CSRF vulnerability and missing permission checks in `neuvector-vulnerability-scanner` | medium |
2023-11-29T00:00:00
(9 months ago) |