pkg:maven/org.jenkins-ci.plugins/role-strategy

Type maven

Namespace org.jenkins-ci.plugins

Name role-strategy

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/role-strategy package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/role-strategy

High 3

Moderate 2

Medium 2

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 3.0		CVE-2020-2286	JENKINS:SECURITY-1767	Improper authorization due to caching in `role-strategy`	high	2020-10-08T00:00:00 (3 years ago)
Fixed	= 3.1		CVE-2020-2286	JENKINS:SECURITY-1767	Improper authorization due to caching in `role-strategy`	high	2020-10-08T00:00:00 (3 years ago)
Affected	<= 3.1		CVE-2021-21624	JENKINS:SECURITY-2182	Incorrect permission checks in `role-strategy` may allow accessing some items	medium	2021-03-18T00:00:00 (3 years ago)
Fixed	= 3.1.1		CVE-2021-21624	JENKINS:SECURITY-2182	Incorrect permission checks in `role-strategy` may allow accessing some items	medium	2021-03-18T00:00:00 (3 years ago)
Affected	<= 587.v2872c41fa_e51		CVE-2023-28668	JENKINS:SECURITY-3053	Incorrect permission checks in `role-strategy`	medium	2023-03-21T00:00:00 (18 months ago)
Fixed	= 587.588.v850a_20a_30162		CVE-2023-28668	JENKINS:SECURITY-3053	Incorrect permission checks in `role-strategy`	medium	2023-03-21T00:00:00 (18 months ago)
Affected	>= 2.12, < 3.1		CVE-2020-2286	MAVEN:GHSA-25G4-P347-X748	Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin	high	2022-05-24T17:30:18 (2 years ago)
Fixed	= 3.1		CVE-2020-2286	MAVEN:GHSA-25G4-P347-X748	Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin	high	2022-05-24T17:30:18 (2 years ago)
Affected	< 587.588.v850a		CVE-2023-28668	MAVEN:GHSA-436G-2F92-CVHH	Jenkins Role-based Authorization Strategy Plugin grants permissions even after they’ve been disabled	moderate	2023-04-02T21:30:17 (17 months ago)
Fixed	= 587.588.v850a_20a_30162		CVE-2023-28668	MAVEN:GHSA-436G-2F92-CVHH	Jenkins Role-based Authorization Strategy Plugin grants permissions even after they’ve been disabled	moderate	2023-04-02T21:30:17 (17 months ago)
Affected	< 2.5.1		CVE-2017-1000090	MAVEN:GHSA-774G-R3FM-4V85	CSRF vulnerability in Jenkins Role-based Authorization Strategy Plugin configuration	high	2022-05-17T00:29:02 (2 years ago)
Fixed	= 2.5.1		CVE-2017-1000090	MAVEN:GHSA-774G-R3FM-4V85	CSRF vulnerability in Jenkins Role-based Authorization Strategy Plugin configuration	high	2022-05-17T00:29:02 (2 years ago)
Affected	<= 3.1		CVE-2021-21624	MAVEN:GHSA-RM4M-39FJ-288C	Incorrect permission checks in Jenkins Role-based Authorization Strategy Plugin may allow accessing some items	moderate	2022-05-24T17:44:48 (2 years ago)
Fixed	= 3.1.1		CVE-2021-21624	MAVEN:GHSA-RM4M-39FJ-288C	Incorrect permission checks in Jenkins Role-based Authorization Strategy Plugin may allow accessing some items	moderate	2022-05-24T17:44:48 (2 years ago)