1. Home
  2. Packages
  3. maven
  4. org.jenkins-ci.plugins
  5. sonar-gerrit

pkg:maven/org.jenkins-ci.plugins/sonar-gerrit

Type maven
Namespace org.jenkins-ci.plugins
Name sonar-gerrit

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/sonar-gerrit package.

Repository
https://mvnrepository.com/artifact/org.jenkins-ci.plugins/sonar-gerrit
Moderate 2
Medium 2
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected <= 377.v8f3808963dc5 CVE-2022-46688
jenkins JENKINS:SECURITY-1002 CSRF vulnerability in `sonar-gerrit` medium 2022-12-07T00:00:00
(21 months ago)
Affected <= 2.3 CVE-2019-10467
jenkins JENKINS:SECURITY-1003 `sonar-gerrit` stored credentials in plain text medium 2019-10-23T00:00:00
(4 years ago)
Affected < 2.4.5 CVE-2019-10467
maven MAVEN:GHSA-6FV3-W7J6-5XFC Jenkins Sonar Gerrit Plugin stores credentials unencrypted moderate 2022-05-24T16:59:37
(2 years ago)
Fixed = 2.4.5 CVE-2019-10467
maven MAVEN:GHSA-6FV3-W7J6-5XFC Jenkins Sonar Gerrit Plugin stores credentials unencrypted moderate 2022-05-24T16:59:37
(2 years ago)
Affected <= 377.v8f3808963dc5 CVE-2022-46688
maven MAVEN:GHSA-M82G-FV7V-H64M Jenkins Sonar Gerrit Plugin vulnerable to Cross-Site Request Forgery moderate 2022-12-12T09:30:35
(21 months ago)
Fixed = 378.vf4646d4df087 CVE-2022-46688
maven MAVEN:GHSA-M82G-FV7V-H64M Jenkins Sonar Gerrit Plugin vulnerable to Cross-Site Request Forgery moderate 2022-12-12T09:30:35
(21 months ago)