pkg:maven/org.jenkins-ci.plugins/role-strategy
Type
maven
Namespace
org.jenkins-ci.plugins
Name
role-strategy
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/role-strategy package.
High
3
Moderate
2
Medium
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 3.0 |
CVE-2020-2286
|
JENKINS:SECURITY-1767 | Improper authorization due to caching in `role-strategy` | high |
2020-10-08T00:00:00
(3 years ago) |
|
Fixed | = 3.1 |
CVE-2020-2286
|
JENKINS:SECURITY-1767 | Improper authorization due to caching in `role-strategy` | high |
2020-10-08T00:00:00
(3 years ago) |
|
Affected | <= 3.1 |
CVE-2021-21624
|
JENKINS:SECURITY-2182 | Incorrect permission checks in `role-strategy` may allow accessing some items | medium |
2021-03-18T00:00:00
(3 years ago) |
|
Fixed | = 3.1.1 |
CVE-2021-21624
|
JENKINS:SECURITY-2182 | Incorrect permission checks in `role-strategy` may allow accessing some items | medium |
2021-03-18T00:00:00
(3 years ago) |
|
Affected | <= 587.v2872c41fa_e51 |
CVE-2023-28668
|
JENKINS:SECURITY-3053 | Incorrect permission checks in `role-strategy` | medium |
2023-03-21T00:00:00
(18 months ago) |
|
Fixed | = 587.588.v850a_20a_30162 |
CVE-2023-28668
|
JENKINS:SECURITY-3053 | Incorrect permission checks in `role-strategy` | medium |
2023-03-21T00:00:00
(18 months ago) |
|
Affected | >= 2.12, < 3.1 |
CVE-2020-2286
|
MAVEN:GHSA-25G4-P347-X748 | Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin | high |
2022-05-24T17:30:18
(2 years ago) |
|
Fixed | = 3.1 |
CVE-2020-2286
|
MAVEN:GHSA-25G4-P347-X748 | Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin | high |
2022-05-24T17:30:18
(2 years ago) |
|
Affected | < 587.588.v850a |
CVE-2023-28668
|
MAVEN:GHSA-436G-2F92-CVHH | Jenkins Role-based Authorization Strategy Plugin grants permissions even after they’ve been disabled | moderate |
2023-04-02T21:30:17
(17 months ago) |
|
Fixed | = 587.588.v850a_20a_30162 |
CVE-2023-28668
|
MAVEN:GHSA-436G-2F92-CVHH | Jenkins Role-based Authorization Strategy Plugin grants permissions even after they’ve been disabled | moderate |
2023-04-02T21:30:17
(17 months ago) |
|
Affected | < 2.5.1 |
CVE-2017-1000090
|
MAVEN:GHSA-774G-R3FM-4V85 | CSRF vulnerability in Jenkins Role-based Authorization Strategy Plugin configuration | high |
2022-05-17T00:29:02
(2 years ago) |
|
Fixed | = 2.5.1 |
CVE-2017-1000090
|
MAVEN:GHSA-774G-R3FM-4V85 | CSRF vulnerability in Jenkins Role-based Authorization Strategy Plugin configuration | high |
2022-05-17T00:29:02
(2 years ago) |
|
Affected | <= 3.1 |
CVE-2021-21624
|
MAVEN:GHSA-RM4M-39FJ-288C | Incorrect permission checks in Jenkins Role-based Authorization Strategy Plugin may allow accessing some items | moderate |
2022-05-24T17:44:48
(2 years ago) |
|
Fixed | = 3.1.1 |
CVE-2021-21624
|
MAVEN:GHSA-RM4M-39FJ-288C | Incorrect permission checks in Jenkins Role-based Authorization Strategy Plugin may allow accessing some items | moderate |
2022-05-24T17:44:48
(2 years ago) |