com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +30 more potentially affected by CVE-2020-2316 via org.jvnet.hudson.plugins:analysis-core (>=1.0 <=1.94)

org.jvnet.hudson.plugins:analysis-core MAVEN version =1.0, =1.7.2, =1.0.0, =0.9, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =0.7, =1.20, =1.0.1, =0.3, =7.97, =1.0, =1.0, =1.20 and more Source cves: CVE-2020-2316 Source advisory: OSV:GHSA-FG6G-52RG-VR9Q...

com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +30 more potentially affected by CVE-2019-10308 via org.jvnet.hudson.plugins:analysis-core (>=1.0 <=1.94)

org.jvnet.hudson.plugins:analysis-core MAVEN version =1.0, =1.7.2, =1.0.0, =0.9, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =0.7, =1.20, =1.0.1, =0.3, =7.97, =1.0, =1.0, =1.20 and more Source cves: CVE-2019-10308 Source advisory: OSV:GHSA-VVFJ-P4JF-J8RM...

com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +30 more potentially affected by CVE-2019-10307 via org.jvnet.hudson.plugins:analysis-core (>=1.0 <=1.94)

org.jvnet.hudson.plugins:analysis-core MAVEN version =1.0, =1.7.2, =1.0.0, =0.9, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =0.7, =1.20, =1.0.1, =0.3, =7.97, =1.0, =1.0, =1.20 and more Source cves: CVE-2019-10307 Source advisory: OSV:GHSA-3V9F-4VFF-RX42...

GHSA-3V9F-4VFF-RX42 Jenkins Static Analysis Utilities Plugin is vulnerable to Cross-site request forgery vulnerability

Jenkins analysis-core Plugin has the capability to allow other plugins to display trend graphs for their static analysis results. analysis-core Plugin provides the configuration form for the default settings of each graph. The configuration form and form submission handler did not perform a...

com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +30 more potentially affected by CVE-2017-1000102 via org.jvnet.hudson.plugins:analysis-core (>=1.0 <=1.9)

org.jvnet.hudson.plugins:analysis-core MAVEN version =1.0, =1.7.2, =1.0.0, =0.9, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =0.7, =1.20, =1.0.1, =0.3, =7.97, =1.0, =1.0, =1.19 and more Source cves: CVE-2017-1000102 Source advisory: OSV:GHSA-9C2P-99PG-C4J9...

PT-2019-11709 · Jenkins · Jenkins Static Analysis Utilities Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Static Analysis Utilities Plugin version 1.95 and earlier Jenkins analysis-core Plugin affected versions not specified Description: A cross-site request forgery issue exists due to the lack of permission checks and the acceptance of...