5 matches found
com.base2services.jenkins:github-sqs-plugin (>=1.0 <=1.1), com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.6) +23 more potentially affected by CVE-2018-1000184 via com.coravy.hudson.plugins.github:github (>=1.10 <=1.27.0)
com.coravy.hudson.plugins.github:github MAVEN version =1.10, =1.0, =4.0.9, =1.0-alpha-1, =1.0-alpha-1, =1.0-alpha-1, =1.0.0, =1.0.0, =1.0-alpha-8, =1.0-alpha-4, =0.1-preview-4, =1.0-alpha-1, =1.3.0, =1.0, =0.9.14, =1.36.0, =1.42.2 and more Source cves: CVE-2018-1000184 Source advisory:...
CVE-2018-1000184
A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...
CVE-2018-1000184
A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...
CVE-2018-1000184
A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...
CVE-2018-1000184
The CVE refers to a server-side request forgery in the Jenkins GitHub Plugin (versions ≤ 1.29.0) where the vulnerable code GitHubPluginConfig.java allows an attacker with Overall/Read access to trigger Jenkins to issue a GET request to an arbitrary URL. This SSRF impact is documented across multi...