Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
8 Aug 2019
7 Aug 2019
How to fix?
There is no fixed version for
net.hurstfrost.jenkins:avatar is a plugin that allows avatar images to be uploaded and associated with Jenkins users.
Affected versions of this package are vulnerable to Missing Permission Check that allows attackers with
Overall/Read access to change the avatar of any user of Jenkins.