org.jvnet.hudson.plugins:analysis-core@1.13 vulnerabilities
-
latest version
1.16
-
first published
14 years ago
-
latest version published
13 years ago
-
licenses detected
- (BSD-2-Clause OR MIT)[0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.jvnet.hudson.plugins:analysis-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.jvnet.hudson.plugins:analysis-core is a Jenkins plugin to read static analysis reports into a Java object model. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the "Details" view. How to fix Cross-site Scripting (XSS)? Upgrade |
[,1.92)
|
org.jvnet.hudson.plugins:analysis-core is a Jenkins plugin to read static analysis reports into a Java object model. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. How to fix Cross-site Scripting (XSS)? There is no fixed version for |
[0,)
|
org.jvnet.hudson.plugins:analysis-core is a Jenkins plugin to read static analysis reports into a Java object model. Affected versions of this package are vulnerable to Access Control Bypass. A missing permission check within How to fix Access Control Bypass? Upgrade |
[,1.96)
|
org.jvnet.hudson.plugins:analysis-core is a Jenkins plugin to read static analysis reports into a Java object model. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). The How to fix Cross-site Request Forgery (CSRF)? Upgrade |
[,1.96)
|