pkg:maven/org.jenkins-ci.plugins/pipeline-maven
Type
maven
Namespace
org.jenkins-ci.plugins
Name
pipeline-maven
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/pipeline-maven package.
High
7
Moderate
2
Medium
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 3.7.0 |
CVE-2019-10327
|
 JENKINS:SECURITY-1409
|
XML External Entity processing vulnerability in `pipeline-maven` | high |
2019-05-31T00:00:00
(5 years ago) |
|
| Fixed | = 3.7.1 |
CVE-2019-10327
|
JENKINS:SECURITY-1409
|
XML External Entity processing vulnerability in `pipeline-maven` | high |
2019-05-31T00:00:00
(5 years ago) |
|
| Affected | <= 3.8.2 |
CVE-2020-2233
|
JENKINS:SECURITY-1794-1
|
Missing permission check in `pipeline-maven` allows enumerating credentials IDs | medium |
2020-08-12T00:00:00
(4 years ago) |
|
| Fixed | = 3.8.3 |
CVE-2020-2233
|
JENKINS:SECURITY-1794-1
|
Missing permission check in `pipeline-maven` allows enumerating credentials IDs | medium |
2020-08-12T00:00:00
(4 years ago) |
|
| Affected | <= 3.8.2 |
CVE-2020-2234
CVE-2020-2235 |
JENKINS:SECURITY-1794-2
|
CSRF vulnerability and missing permission check in `pipeline-maven` allow capturing credentials | high |
2020-08-12T00:00:00
(4 years ago) |
|
| Fixed | = 3.8.3 |
CVE-2020-2234
CVE-2020-2235 |
JENKINS:SECURITY-1794-2
|
CSRF vulnerability and missing permission check in `pipeline-maven` allow capturing credentials | high |
2020-08-12T00:00:00
(4 years ago) |
|
| Affected | <= 3.9.2 |
CVE-2020-2256
|
JENKINS:SECURITY-1976
|
Stored XSS vulnerability in upstream cause in `pipeline-maven` | high |
2020-09-16T00:00:00
(4 years ago) |
|
| Fixed | = 3.9.3 |
CVE-2020-2256
|
JENKINS:SECURITY-1976
|
Stored XSS vulnerability in upstream cause in `pipeline-maven` | high |
2020-09-16T00:00:00
(4 years ago) |
|
| Affected | <= 1330.v18e473854496 |
CVE-2023-41934
|
JENKINS:SECURITY-3257
|
Improper masking of credentials in `pipeline-maven` | medium |
2023-09-06T00:00:00
(12 months ago) |
|
| Fixed | = 1331.v003efa_fd6e81 |
CVE-2023-41934
|
JENKINS:SECURITY-3257
|
Improper masking of credentials in `pipeline-maven` | medium |
2023-09-06T00:00:00
(12 months ago) |
|
| Affected | < 3.8.3 |
CVE-2020-2233
|
 MAVEN:GHSA-32XP-M6VG-GWPJ
|
Missing permission check in Jenkins Pipeline Maven Integration Plugin allows enumerating credentials IDs | moderate |
2022-05-24T17:25:24
(2 years ago) |
|
| Fixed | = 3.8.3 |
CVE-2020-2233
|
MAVEN:GHSA-32XP-M6VG-GWPJ
|
Missing permission check in Jenkins Pipeline Maven Integration Plugin allows enumerating credentials IDs | moderate |
2022-05-24T17:25:24
(2 years ago) |
|
| Affected | < 3.7.1 |
CVE-2019-10327
|
MAVEN:GHSA-6755-JGP4-8Q7H
|
XML External Entity processing vulnerability in Pipeline Maven Integration Jenkins Plugin | high |
2022-05-24T22:00:03
(2 years ago) |
|
| Fixed | = 3.7.1 |
CVE-2019-10327
|
MAVEN:GHSA-6755-JGP4-8Q7H
|
XML External Entity processing vulnerability in Pipeline Maven Integration Jenkins Plugin | high |
2022-05-24T22:00:03
(2 years ago) |
|
| Affected | <= 1330.v18e473854496 |
CVE-2023-41934
|
MAVEN:GHSA-9V8G-F9MQ-739G
|
Improper masking of credentials in Jenkins Pipeline Maven Integration Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Fixed | = 1331.v003efa_fd6e81 |
CVE-2023-41934
|
MAVEN:GHSA-9V8G-F9MQ-739G
|
Improper masking of credentials in Jenkins Pipeline Maven Integration Plugin | moderate |
2023-09-06T15:30:26
(12 months ago) |
|
| Affected | < 3.8.3 |
CVE-2020-2235
|
MAVEN:GHSA-C2HG-2JJ6-H8VH
|
CSRF vulnerability in Jenkins Pipeline Maven Integration Plugin allow capturing credentials | high |
2022-05-24T17:25:25
(2 years ago) |
|
| Fixed | = 3.8.3 |
CVE-2020-2235
|
MAVEN:GHSA-C2HG-2JJ6-H8VH
|
CSRF vulnerability in Jenkins Pipeline Maven Integration Plugin allow capturing credentials | high |
2022-05-24T17:25:25
(2 years ago) |
|
| Affected | <= 3.9.2 |
CVE-2020-2256
|
MAVEN:GHSA-HQ2H-9MC3-H6W2
|
Stored XSS vulnerability in Pipeline Maven Integration Plugin via unescaped display name | high |
2022-05-24T17:28:25
(2 years ago) |
|
| Fixed | = 3.9.3 |
CVE-2020-2256
|
MAVEN:GHSA-HQ2H-9MC3-H6W2
|
Stored XSS vulnerability in Pipeline Maven Integration Plugin via unescaped display name | high |
2022-05-24T17:28:25
(2 years ago) |
|
| Affected | < 3.8.3 |
CVE-2020-2234
|
MAVEN:GHSA-MRR8-FCG7-P2WG
|
Missing permission check in Jenkins Pipeline Maven Integration Plugin allow capturing credentials | high |
2022-05-24T17:25:24
(2 years ago) |
|
| Fixed | = 3.8.3 |
CVE-2020-2234
|
MAVEN:GHSA-MRR8-FCG7-P2WG
|
Missing permission check in Jenkins Pipeline Maven Integration Plugin allow capturing credentials | high |
2022-05-24T17:25:24
(2 years ago) |