pkg:maven/org.jenkins-ci.plugins/pipeline-githubnotify-step

Type maven

Namespace org.jenkins-ci.plugins

Name pipeline-githubnotify-step

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/pipeline-githubnotify-step package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/pipeline-githubnotify-step

High 3

Medium 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 1.0.4		CVE-2020-2116 CVE-2020-2117	JENKINS:SECURITY-812-1	CSRF vulnerability and missing permission checks in `pipeline-githubnotify-step` allows capturing credentials	high	2020-02-12T00:00:00 (4 years ago)
Fixed	= 1.0.5		CVE-2020-2116 CVE-2020-2117	JENKINS:SECURITY-812-1	CSRF vulnerability and missing permission checks in `pipeline-githubnotify-step` allows capturing credentials	high	2020-02-12T00:00:00 (4 years ago)
Affected	<= 1.0.4		CVE-2020-2118	JENKINS:SECURITY-812-2	Users with Overall/Read access can enumerate credential IDs in `pipeline-githubnotify-step`	medium	2020-02-12T00:00:00 (4 years ago)
Fixed	= 1.0.5		CVE-2020-2118	JENKINS:SECURITY-812-2	Users with Overall/Read access can enumerate credential IDs in `pipeline-githubnotify-step`	medium	2020-02-12T00:00:00 (4 years ago)
Affected	< 1.0.5		CVE-2020-2116	MAVEN:GHSA-QHXF-M7JM-JC57	CSRF vulnerability in Pipeline GitHub Notify Step Plugin allows capturing credentials	high	2022-05-24T17:08:46 (2 years ago)
Fixed	= 1.0.5		CVE-2020-2116	MAVEN:GHSA-QHXF-M7JM-JC57	CSRF vulnerability in Pipeline GitHub Notify Step Plugin allows capturing credentials	high	2022-05-24T17:08:46 (2 years ago)
Affected	< 1.0.5		CVE-2020-2117	MAVEN:GHSA-X7RC-5MJG-5PVR	Missing permission checks in Pipeline GitHub Notify Step Plugin allows capturing credentials	high	2022-05-24T17:08:46 (2 years ago)
Fixed	= 1.0.5		CVE-2020-2117	MAVEN:GHSA-X7RC-5MJG-5PVR	Missing permission checks in Pipeline GitHub Notify Step Plugin allows capturing credentials	high	2022-05-24T17:08:46 (2 years ago)