org.jvnet.hudson.plugins:warnings@1.19 vulnerabilities
-
latest version
3.13
-
first published
16 years ago
-
latest version published
13 years ago
-
licenses detected
- (BSD-2-Clause OR LGPL-3.0 OR MIT)[1.4,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.jvnet.hudson.plugins:warnings package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.jvnet.hudson.plugins:warnings is a Jenkins warnings plugin. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). An attacker could execute arbitrary code via a form validation HTTP endpoint. How to fix Cross-site Request Forgery (CSRF)? Upgrade |
[,5.0.1)
|
org.jvnet.hudson.plugins:warnings collects the compiler warnings of the project modules and visualizes the results. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection in files it parses as part of the build process. It allows attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. How to fix XML External Entity (XXE) Injection? Upgrade |
[,4.65)
|