pkg:maven/org.jenkins-ci.plugins/promoted-builds
Type
maven
Namespace
org.jenkins-ci.plugins
Name
promoted-builds
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/promoted-builds package.
High
4
Moderate
2
Medium
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 3.9 |
CVE-2021-21641
|
JENKINS:SECURITY-2293 | CSRF vulnerability in `promoted-builds` | medium |
2021-04-07T00:00:00
(3 years ago) |
|
Fixed | = 3.9.1 |
CVE-2021-21641
|
JENKINS:SECURITY-2293 | CSRF vulnerability in `promoted-builds` | medium |
2021-04-07T00:00:00
(3 years ago) |
|
Affected | <= 873.v6149db_d64130 |
CVE-2022-29036
CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 |
JENKINS:SECURITY-2617 | Stored XSS vulnerabilities in multiple plugins providing additional parameter types | high |
2022-04-12T00:00:00
(2 years ago) |
|
Fixed | = 876.v99d29788b_36b_ or 3.10.1 |
CVE-2022-29036
CVE-2022-29037 CVE-2022-29038 CVE-2022-29039 CVE-2022-29040 CVE-2022-29041 CVE-2022-29042 CVE-2022-29043 CVE-2022-29044 CVE-2022-29045 CVE-2022-29046 |
JENKINS:SECURITY-2617 | Stored XSS vulnerabilities in multiple plugins providing additional parameter types | high |
2022-04-12T00:00:00
(2 years ago) |
|
Affected | <= 873.v6149db_d64130 |
CVE-2022-29049
|
JENKINS:SECURITY-2655 | Promotion names in `promoted-builds` are not validated when using Job DSL | high |
2022-04-12T00:00:00
(2 years ago) |
|
Fixed | = 876.v99d29788b_36b_ or 3.10.1 |
CVE-2022-29049
|
JENKINS:SECURITY-2655 | Promotion names in `promoted-builds` are not validated when using Job DSL | high |
2022-04-12T00:00:00
(2 years ago) |
|
Affected | <= 3.9 |
CVE-2021-21641
|
MAVEN:GHSA-5CXW-8V65-76VF | CSRF vulnerability in Jenkins promoted builds Plugin | moderate |
2022-05-24T17:46:47
(2 years ago) |
|
Fixed | = 3.9.1 |
CVE-2021-21641
|
MAVEN:GHSA-5CXW-8V65-76VF | CSRF vulnerability in Jenkins promoted builds Plugin | moderate |
2022-05-24T17:46:47
(2 years ago) |
|
Affected | <= 2.31.1 |
CVE-2018-1000114
|
MAVEN:GHSA-9RX5-W522-5FH7 | Jenkins Promoted Builds Plugin allowed unauthorized users to run some promotion processes | moderate |
2022-05-13T01:48:32
(2 years ago) |
|
Fixed | = 3.0 |
CVE-2018-1000114
|
MAVEN:GHSA-9RX5-W522-5FH7 | Jenkins Promoted Builds Plugin allowed unauthorized users to run some promotion processes | moderate |
2022-05-13T01:48:32
(2 years ago) |
|
Affected | >= 3.11, < 876.v99d29788b < 3.10.1 |
CVE-2022-29049
|
MAVEN:GHSA-JMXR-W2JC-QP7W | Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL | high |
2022-04-13T00:00:16
(2 years ago) |
|
Fixed | = 876.v99d29788b = 3.10.1 |
CVE-2022-29049
|
MAVEN:GHSA-JMXR-W2JC-QP7W | Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL | high |
2022-04-13T00:00:16
(2 years ago) |
|
Affected | >= 3.11, < 876.v99d29788b < 3.10.1 |
CVE-2022-29045
|
MAVEN:GHSA-V98R-GJGC-M9PF | Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin | high |
2022-04-13T00:00:16
(2 years ago) |
|
Fixed | = 876.v99d29788b = 3.10.1 |
CVE-2022-29045
|
MAVEN:GHSA-V98R-GJGC-M9PF | Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin | high |
2022-04-13T00:00:16
(2 years ago) |