pkg:maven/org.jenkins-ci.plugins/tfs
Type
maven
Namespace
org.jenkins-ci.plugins
Name
tfs
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/tfs package.
High
2
Moderate
2
Medium
1
Low
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 5.157.1 |
CVE-2020-2249
|
JENKINS:SECURITY-1506 | Credentials stored in plain text by `tfs` | low |
2020-09-01T00:00:00
(4 years ago) |
|
Affected | <= 5.157.1 |
CVE-2021-21636
|
JENKINS:SECURITY-2283-1 | Missing permission check in `tfs` allows enumerating credentials IDs | medium |
2021-03-30T00:00:00
(3 years ago) |
|
Affected | <= 5.157.1 |
CVE-2021-21637
CVE-2021-21638 |
JENKINS:SECURITY-2283-2 | CSRF vulnerability and missing permission check in `tfs` allow capturing credentials | high |
2021-03-30T00:00:00
(3 years ago) |
|
Affected | <= 5.157.1 |
CVE-2021-21638
|
MAVEN:GHSA-263Q-5PJ7-J6HJ | CSRF vulnerability in Jenkins Team Foundation Server Plugin allow capturing credentials | high |
2022-05-24T17:45:46
(2 years ago) |
|
Affected | <= 5.157.1 |
CVE-2021-21637
|
MAVEN:GHSA-6364-JX4H-7564 | Missing permission check in Jenkins Team Foundation Server Plugin allow capturing credentials | moderate |
2022-05-24T17:45:46
(2 years ago) |
|
Affected | <= 5.157.1 |
CVE-2021-21636
|
MAVEN:GHSA-VG28-9F43-GMH5 | Missing permission check in Jenkins Team Foundation Server Plugin allows enumerating credentials IDs | moderate |
2022-05-24T17:45:46
(2 years ago) |
|
Affected | <= 5.157.1 |
CVE-2020-2249
|
MAVEN:GHSA-W6C2-JRHH-JRXG | Credentials stored in plain text by Jenkins tfs Plugin | low |
2022-05-24T17:27:06
(2 years ago) |