pkg:maven/org.jenkins-ci.plugins/ssh-agent
Type
maven
Namespace
org.jenkins-ci.plugins
Name
ssh-agent
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/ssh-agent package.
Moderate
1
Medium
1
Low
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 1.23 |
CVE-2022-20620
|
 JENKINS:SECURITY-2189
|
Missing permission checks in `ssh-agent` allow enumerating credentials IDs | medium |
2022-01-12T00:00:00
(2 years ago) |
|
| Fixed | = 1.23.2 |
CVE-2022-20620
|
JENKINS:SECURITY-2189
|
Missing permission checks in `ssh-agent` allow enumerating credentials IDs | medium |
2022-01-12T00:00:00
(2 years ago) |
|
| Affected | <= 1.15 |
CVE-2018-1999036
|
JENKINS:SECURITY-704
|
SSH Agent Plugin could reveal SSH key passphrase when used inside pipeline | low |
2018-07-30T00:00:00
(6 years ago) |
|
| Fixed | = 1.16 |
CVE-2018-1999036
|
JENKINS:SECURITY-704
|
SSH Agent Plugin could reveal SSH key passphrase when used inside pipeline | low |
2018-07-30T00:00:00
(6 years ago) |
|
| Affected | < 1.22.1 >= 1.23, < 1.23.2 |
CVE-2022-20620
|
 MAVEN:GHSA-9WXH-JJJ5-67CV
|
Missing permission checks in SSH Agent Plugin allow enumerating credentials IDs | moderate |
2022-01-13T00:00:58
(2 years ago) |
|
| Fixed | = 1.22.1 = 1.23.2 |
CVE-2022-20620
|
MAVEN:GHSA-9WXH-JJJ5-67CV
|
Missing permission checks in SSH Agent Plugin allow enumerating credentials IDs | moderate |
2022-01-13T00:00:58
(2 years ago) |
|
| Affected | <= 1.15 |
CVE-2018-1999036
|
MAVEN:GHSA-WWGX-94V6-FC2P
|
Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log | low |
2022-05-13T01:50:55
(2 years ago) |
|
| Fixed | = 1.16 |
CVE-2018-1999036
|
MAVEN:GHSA-WWGX-94V6-FC2P
|
Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log | low |
2022-05-13T01:50:55
(2 years ago) |