56 matches found
PT-2022-25752 · Jenkins · Jenkins Dotci Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins DotCi Plugin versions 2.40.00 and earlier Description: The issue arises from the Jenkins DotCi Plugin not configuring its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), com.amcbridge:build-configurator (>=1.0.5.0 <=1.0.6.1) +92 more potentially affected by CVE-2022-36882 via org.jenkins-ci.plugins:git (>=1.2.0 <=4.0.0-rc)
org.jenkins-ci.plugins:git MAVEN version =1.2.0, =1.0.5.0, =1.1.0, =1.9.2-beta, =1.9, =4.0.9, =1.1.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.1.0, =1.0.0, =1.0.22, =1.0.57 and more Source cves: CVE-2022-36882 Source advisory: OSV:GHSA-8XWJ-2WGH-GPRH...
com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) potentially affected by CVE-2020-2317 via org.jvnet.hudson.plugins:findbugs (>=4.51 <=4.62)
org.jvnet.hudson.plugins:findbugs MAVEN version =4.51, =1.7.2, =1.0.0, =1.7.1 Source cves: CVE-2020-2317 Source advisory: OSV:GHSA-24G8-35X9-FV8R...
br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-10337 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.7)
org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-10337 Source advisory: OSV:GHSA-G6H2-4X64-C59X...
com.groupon.jenkins-ci.plugins:DotCi (>=1.0.0 <=2.27.0), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +5 more potentially affected by CVE-2019-10315 via org.jenkins-ci.plugins:github-oauth (>=0.14 <=0.20)
org.jenkins-ci.plugins:github-oauth MAVEN version =0.14, =1.0.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.0.0, =1.0.0, =1.1.2 Source cves: CVE-2019-10315 Source advisory: OSV:GHSA-PHWV-CRGP-9R69...
com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +30 more potentially affected by CVE-2019-10307 via org.jvnet.hudson.plugins:analysis-core (>=1.0 <=1.94)
org.jvnet.hudson.plugins:analysis-core MAVEN version =1.0, =1.7.2, =1.0.0, =0.9, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =0.7, =1.20, =1.0.1, =0.3, =7.97, =1.0, =1.0, =1.20 and more Source cves: CVE-2019-10307 Source advisory: OSV:GHSA-3V9F-4VFF-RX42...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), com.compuware.jenkins:compuware-common-configuration (>=1.0.6 <=1.0.11) +83 more potentially affected by CVE-2016-3726 via org.jenkins-ci.main:jenkins-core (>=1.652 <=2.29)
org.jenkins-ci.main:jenkins-core MAVEN version =1.652, =1.0, =1.0.6, =2.0.0, =2.0, =1.0.2, =1.0.0, =0.1.0, =0.1.0, =2.30.2, =1.2.0, =1.1.0, =0.17, =1.1.7, =1.2, =1.7 and more Source cves: CVE-2016-3726 Source advisory: OSV:GHSA-RX4R-GXPC-H85X...
com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +1 more potentially affected by CVE-2018-1000009 via org.jvnet.hudson.plugins:checkstyle (>=3.32 <=3.43)
org.jvnet.hudson.plugins:checkstyle MAVEN version =3.32, =1.7.2, =1.0.0, =1.7.1 - org.jenkins-ci.plugins:php =1.0 Source cves: CVE-2018-1000009 Source advisory: OSV:GHSA-JFJ9-7J5W-6XGX...
com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +1 more potentially affected by CVE-2018-1000008 via org.jvnet.hudson.plugins:pmd (>=3.33 <=3.42)
org.jvnet.hudson.plugins:pmd MAVEN version =3.33, =1.7.2, =1.0.0, =1.7.1 - org.jenkins-ci.plugins:php =1.0 Source cves: CVE-2018-1000008 Source advisory: OSV:GHSA-687X-269M-7CV9...
com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +2 more potentially affected by CVE-2018-1000011 via org.jvnet.hudson.plugins.findbugs:library (>=1.3.9 <=4.0.0)
org.jvnet.hudson.plugins.findbugs:library MAVEN version =1.3.9, =1.7.2, =1.0.0, =1.0.0, =4.3, =5.0.0-beta3 Source cves: CVE-2018-1000011 Source advisory: OSV:GHSA-PR9H-G7P7-RRQH...
com.groupon.jenkins-ci.plugins:DotCi (>=2.8.9 <=2.40.00), com.groupon.jenkins-ci.plugins:DotCi-Fig-template (=1.1.0) +5 more potentially affected by CVE-2018-1000415 via com.sonyericsson.hudson.plugins.rebuild:rebuild (>=1.16 <=1.25)
com.sonyericsson.hudson.plugins.rebuild:rebuild MAVEN version =1.16, =2.8.9, =1.1.3, =1.7.2, =1.1.2, =1.0.0, =1.1.2 - hudson.plugins:project-inheritance =2.0.0 Source cves: CVE-2018-1000415 Source advisory: OSV:GHSA-7M8V-W6F9-Q2F9...
com.groupon.jenkins-ci.plugins:DotCi (>=1.0.0 <=2.27.0), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +5 more potentially affected by CVE-2019-1003018 via org.jenkins-ci.plugins:github-oauth (>=0.14 <=0.20)
org.jenkins-ci.plugins:github-oauth MAVEN version =0.14, =1.0.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.0.0, =1.0.0, =1.1.2 Source cves: CVE-2019-1003018 Source advisory: OSV:GHSA-87PJ-9Q82-M9QH...
com.groupon.jenkins-ci.plugins:DotCi (>=1.0.0 <=2.27.0), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +5 more potentially affected by CVE-2019-1003019 via org.jenkins-ci.plugins:github-oauth (>=0.14 <=0.20)
org.jenkins-ci.plugins:github-oauth MAVEN version =0.14, =1.0.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.0.0, =1.0.0, =1.1.2 Source cves: CVE-2019-1003019 Source advisory: OSV:GHSA-MCQX-WC2J-QX9V...
com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) potentially affected by CVE-2016-4986 via org.tap4j:tap (=1.10)
org.tap4j:tap MAVEN version =1.10 is affected by a known vulnerability. The following packages have a transitive dependency on org.tap4j:tap and may be impacted: - com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack =1.7.2, =1.0.0, =1.7.1 Source cves: CVE-2016-4986 Source advisory:...
br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-1003011 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.5)
org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-1003011 Source advisory: OSV:GHSA-23H9-M55M-C5JP...
com.groupon.jenkins-ci.plugins:DotCi (>=1.1.1 <=2.36.2), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +10 more potentially affected by CVE-2022-20615 via org.jenkins-ci.plugins:matrix-project (=1.2)
org.jenkins-ci.plugins:matrix-project MAVEN version =1.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:matrix-project and may be impacted: - com.groupon.jenkins-ci.plugins:DotCi =1.1.1, =1.0.0, =1.0.1, =1.1.3, =1.1.0, =1.0.0,...