pkg:maven/org.jenkins-ci.plugins/tfs

Type maven

Namespace org.jenkins-ci.plugins

Name tfs

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/tfs package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/tfs

High 2

Moderate 2

Medium 1

Low 2

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 5.157.1		CVE-2020-2249	JENKINS:SECURITY-1506	Credentials stored in plain text by `tfs`	low	2020-09-01T00:00:00 (4 years ago)
Affected	<= 5.157.1		CVE-2021-21636	JENKINS:SECURITY-2283-1	Missing permission check in `tfs` allows enumerating credentials IDs	medium	2021-03-30T00:00:00 (3 years ago)
Affected	<= 5.157.1		CVE-2021-21637 CVE-2021-21638	JENKINS:SECURITY-2283-2	CSRF vulnerability and missing permission check in `tfs` allow capturing credentials	high	2021-03-30T00:00:00 (3 years ago)
Affected	<= 5.157.1		CVE-2021-21638	MAVEN:GHSA-263Q-5PJ7-J6HJ	CSRF vulnerability in Jenkins Team Foundation Server Plugin allow capturing credentials	high	2022-05-24T17:45:46 (2 years ago)
Affected	<= 5.157.1		CVE-2021-21637	MAVEN:GHSA-6364-JX4H-7564	Missing permission check in Jenkins Team Foundation Server Plugin allow capturing credentials	moderate	2022-05-24T17:45:46 (2 years ago)
Affected	<= 5.157.1		CVE-2021-21636	MAVEN:GHSA-VG28-9F43-GMH5	Missing permission check in Jenkins Team Foundation Server Plugin allows enumerating credentials IDs	moderate	2022-05-24T17:45:46 (2 years ago)
Affected	<= 5.157.1		CVE-2020-2249	MAVEN:GHSA-W6C2-JRHH-JRXG	Credentials stored in plain text by Jenkins tfs Plugin	low	2022-05-24T17:27:06 (2 years ago)