Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the storage of authentication tokens in plaintext within config.xml files on the controller. An attacker can gain unauthorized access to sensitive credentials by obtaining Item/Extended Read...

Open Redirect

Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Open Redirect due to improper handling of redirects that start with backslash characters. An attacker can mislead users to malicious sites by crafting a Jenkins URL...

com.cloudbees.jenkins.plugins:additional-identities-plugin (=1.1), com.exxeta.jenkins.plugins:sidebar-update-notification (>=1.0.1 <=1.1.0) +60 more potentially affected by CVE-2013-7330 via org.jenkins-ci.main:jenkins-core (>=1.481 <=1.501)

org.jenkins-ci.main:jenkins-core MAVEN version =1.481, =1.0.1, =1.15, =1.1, =1.0, =1.0.3, =0.2.0, =0.1.0, =1.0.0, =1.0.5, =1.481, =1.501 and more Source cves: CVE-2013-7330 Source advisory: OSV:GHSA-H5JV-HG68-MJHG...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +923 more potentially affected by CVE-2014-2064 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.532.1.JENKINS-19453)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.0, =1.0.0, =1.0, =1.0-beta-1, =2.1, =1.0, =1.1, =2.0.6 - com.cisco.step.jenkins.plugins:jenkow-parent =0.1 and more Source cves: CVE-2014-2064 Source advisory: OSV:GHSA-9VG9-X38G-9HFX...