PT-2020-15415 · Jenkins · Jenkins Sonargraph Integration Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Sonargraph Integration Plugin versions 3.0.0 and earlier Description: The issue results in a stored cross-site scripting vulnerability due to the failure to escape the file path for the Log file field form validation. This can be...

com.diffplug.gradle.spotless:com.diffplug.gradle.spotless.gradle.plugin (>=3.0.0 <=3.19.0), gradle.plugin.io.beekeeper.gradle:beekeeper-formatter-plugin (=0.1) +18 more potentially affected by CVE-2019-9843 via com.diffplug.spotless:spotless-plugin-gradle (>=3.0.0 <=3.1.0)

com.diffplug.spotless:spotless-plugin-gradle MAVEN version =3.0.0, =3.0.0, =0.2, =0.1, =0.2, =0.2, =0.12.0, =0.12.0, =0.1.7, =1.0.0, =1.0.0, =0.1.7, =1.0.2, =0.1.7, =1.1.0 and more Source cves: CVE-2019-9843 Source advisory: OSV:GHSA-7V35-QWWJ-P98Ghttps://vulners...