pkg:maven/org.jenkins-ci.plugins/vsphere-cloud
Type
maven
Namespace
org.jenkins-ci.plugins
Name
vsphere-cloud
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/vsphere-cloud package.
High
1
Moderate
2
Medium
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 2.16 |
CVE-2018-1000151
|
JENKINS:SECURITY-504 | vSphere Plugin does not validate SSL/TLS certificates | medium |
2018-03-26T00:00:00
(6 years ago) |
|
Fixed | = 2.17 |
CVE-2018-1000151
|
JENKINS:SECURITY-504 | vSphere Plugin does not validate SSL/TLS certificates | medium |
2018-03-26T00:00:00
(6 years ago) |
|
Affected | <= 2.16 |
CVE-2018-1000152
|
JENKINS:SECURITY-745 | CSRF vulnerability and missing permission checks in vSphere Plugin form validation allowed enumerating credentials IDs, capturing credentials, and denial of service | medium |
2018-03-26T00:00:00
(6 years ago) |
|
Fixed | = 2.17 |
CVE-2018-1000152
|
JENKINS:SECURITY-745 | CSRF vulnerability and missing permission checks in vSphere Plugin form validation allowed enumerating credentials IDs, capturing credentials, and denial of service | medium |
2018-03-26T00:00:00
(6 years ago) |
|
Affected | <= 2.16 |
CVE-2018-1000153
|
MAVEN:GHSA-2G32-2J8W-2QGF | Jenkins vSphere Plugin Cross-Site Request Forgery vulnerability | high |
2022-05-14T03:23:41
(2 years ago) |
|
Fixed | = 2.17 |
CVE-2018-1000153
|
MAVEN:GHSA-2G32-2J8W-2QGF | Jenkins vSphere Plugin Cross-Site Request Forgery vulnerability | high |
2022-05-14T03:23:41
(2 years ago) |
|
Affected | <= 2.16 |
CVE-2018-1000152
|
MAVEN:GHSA-48PQ-X3VW-4PQF | Jenkins vSphere Plugin incorrect authorization vulnerability | moderate |
2022-05-13T01:48:33
(2 years ago) |
|
Fixed | = 2.17 |
CVE-2018-1000152
|
MAVEN:GHSA-48PQ-X3VW-4PQF | Jenkins vSphere Plugin incorrect authorization vulnerability | moderate |
2022-05-13T01:48:33
(2 years ago) |
|
Affected | <= 2.16 |
CVE-2018-1000151
|
MAVEN:GHSA-VQ7P-F4FV-RR5X | Jenkins vSphere Plugin disables SSL/TLS certificate validation by default | moderate |
2022-05-14T03:23:45
(2 years ago) |
|
Fixed | = 2.17 |
CVE-2018-1000151
|
MAVEN:GHSA-VQ7P-F4FV-RR5X | Jenkins vSphere Plugin disables SSL/TLS certificate validation by default | moderate |
2022-05-14T03:23:45
(2 years ago) |