pkg:maven/org.jenkins-ci.plugins/warnings-ng
Type
maven
Namespace
org.jenkins-ci.plugins
Name
warnings-ng
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/warnings-ng package.
High
1
Medium
6
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 1.0.1 |
CVE-2019-1003023
|
 JENKINS:SECURITY-1271
|
XSS vulnerability in Warnings Next Generation Plugin | medium |
2019-01-28T00:00:00
(5 years ago) |
|
| Fixed | = 2.0.0 |
CVE-2019-1003023
|
JENKINS:SECURITY-1271
|
XSS vulnerability in Warnings Next Generation Plugin | medium |
2019-01-28T00:00:00
(5 years ago) |
|
| Affected | <= 2.1.1 |
CVE-2019-1003008
|
JENKINS:SECURITY-1295-2
|
Sandbox Bypass via CSRF in Warnings Next Generation Plugin | high |
2019-01-28T00:00:00
(5 years ago) |
|
| Fixed | = 2.1.2 |
CVE-2019-1003008
|
JENKINS:SECURITY-1295-2
|
Sandbox Bypass via CSRF in Warnings Next Generation Plugin | high |
2019-01-28T00:00:00
(5 years ago) |
|
| Affected | <= 5.0.0 |
CVE-2019-10325
|
JENKINS:SECURITY-1373
|
Persisted XSS vulnerability in `warnings-ng` | medium |
2019-05-31T00:00:00
(5 years ago) |
|
| Fixed | = 5.1.0 |
CVE-2019-10325
|
JENKINS:SECURITY-1373
|
Persisted XSS vulnerability in `warnings-ng` | medium |
2019-05-31T00:00:00
(5 years ago) |
|
| Affected | <= 5.0.0 |
CVE-2019-10326
|
JENKINS:SECURITY-1391
|
CSRF vulnerability in `warnings-ng` | medium |
2019-05-31T00:00:00
(5 years ago) |
|
| Fixed | = 5.1.0 |
CVE-2019-10326
|
JENKINS:SECURITY-1391
|
CSRF vulnerability in `warnings-ng` | medium |
2019-05-31T00:00:00
(5 years ago) |
|
| Affected | <= 8.4.4 |
CVE-2021-21626
|
JENKINS:SECURITY-2041
|
Missing permission checks in `warnings-ng` allow listing workspace contents | medium |
2021-03-18T00:00:00
(3 years ago) |
|
| Fixed | = 8.5.0 |
CVE-2021-21626
|
JENKINS:SECURITY-2041
|
Missing permission checks in `warnings-ng` allow listing workspace contents | medium |
2021-03-18T00:00:00
(3 years ago) |
|
| Affected | <= 9.10.2 |
CVE-2022-23107
|
JENKINS:SECURITY-2090
|
Path traversal vulnerability in `warnings-ng` | medium |
2022-01-12T00:00:00
(2 years ago) |
|
| Fixed | = 9.10.3 |
CVE-2022-23107
|
JENKINS:SECURITY-2090
|
Path traversal vulnerability in `warnings-ng` | medium |
2022-01-12T00:00:00
(2 years ago) |
|
| Affected | <= 10.5.0 |
CVE-2023-46651
|
JENKINS:SECURITY-3265
|
Exposure of system-scoped credentials in `warnings-ng` | medium |
2023-10-25T00:00:00
(10 months ago) |
|
| Fixed | = 10.5.1 |
CVE-2023-46651
|
JENKINS:SECURITY-3265
|
Exposure of system-scoped credentials in `warnings-ng` | medium |
2023-10-25T00:00:00
(10 months ago) |