pkg:maven/org.jenkins-ci.plugins/promoted-builds
Type
maven
Namespace
org.jenkins-ci.plugins
Name
promoted-builds
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/promoted-builds package.
High
4
Moderate
2
Medium
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 3.9 |
CVE-2021-21641
|
 JENKINS:SECURITY-2293
|
CSRF vulnerability in `promoted-builds` | medium |
2021-04-07T00:00:00
(3 years ago) |
|
| Fixed | = 3.9.1 |
CVE-2021-21641
|
JENKINS:SECURITY-2293
|
CSRF vulnerability in `promoted-builds` | medium |
2021-04-07T00:00:00
(3 years ago) |
|
| Affected | <= 873.v6149db_d64130 |
CVE-2022-29036
CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 |
JENKINS:SECURITY-2617
|
Stored XSS vulnerabilities in multiple plugins providing additional parameter types | high |
2022-04-12T00:00:00
(2 years ago) |
|
| Fixed | = 876.v99d29788b_36b_ or 3.10.1 |
CVE-2022-29036
CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 |
JENKINS:SECURITY-2617
|
Stored XSS vulnerabilities in multiple plugins providing additional parameter types | high |
2022-04-12T00:00:00
(2 years ago) |
|
| Affected | <= 873.v6149db_d64130 |
CVE-2022-29049
|
JENKINS:SECURITY-2655
|
Promotion names in `promoted-builds` are not validated when using Job DSL | high |
2022-04-12T00:00:00
(2 years ago) |
|
| Fixed | = 876.v99d29788b_36b_ or 3.10.1 |
CVE-2022-29049
|
JENKINS:SECURITY-2655
|
Promotion names in `promoted-builds` are not validated when using Job DSL | high |
2022-04-12T00:00:00
(2 years ago) |
|
| Affected | <= 3.9 |
CVE-2021-21641
|
 MAVEN:GHSA-5CXW-8V65-76VF
|
CSRF vulnerability in Jenkins promoted builds Plugin | moderate |
2022-05-24T17:46:47
(2 years ago) |
|
| Fixed | = 3.9.1 |
CVE-2021-21641
|
MAVEN:GHSA-5CXW-8V65-76VF
|
CSRF vulnerability in Jenkins promoted builds Plugin | moderate |
2022-05-24T17:46:47
(2 years ago) |
|
| Affected | <= 2.31.1 |
CVE-2018-1000114
|
MAVEN:GHSA-9RX5-W522-5FH7
|
Jenkins Promoted Builds Plugin allowed unauthorized users to run some promotion processes | moderate |
2022-05-13T01:48:32
(2 years ago) |
|
| Fixed | = 3.0 |
CVE-2018-1000114
|
MAVEN:GHSA-9RX5-W522-5FH7
|
Jenkins Promoted Builds Plugin allowed unauthorized users to run some promotion processes | moderate |
2022-05-13T01:48:32
(2 years ago) |
|
| Affected | >= 3.11, < 876.v99d29788b < 3.10.1 |
CVE-2022-29049
|
MAVEN:GHSA-JMXR-W2JC-QP7W
|
Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL | high |
2022-04-13T00:00:16
(2 years ago) |
|
| Fixed | = 876.v99d29788b = 3.10.1 |
CVE-2022-29049
|
MAVEN:GHSA-JMXR-W2JC-QP7W
|
Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL | high |
2022-04-13T00:00:16
(2 years ago) |
|
| Affected | >= 3.11, < 876.v99d29788b < 3.10.1 |
CVE-2022-29045
|
MAVEN:GHSA-V98R-GJGC-M9PF
|
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin | high |
2022-04-13T00:00:16
(2 years ago) |
|
| Fixed | = 876.v99d29788b = 3.10.1 |
CVE-2022-29045
|
MAVEN:GHSA-V98R-GJGC-M9PF
|
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin | high |
2022-04-13T00:00:16
(2 years ago) |