Information Exposure Affecting org.jvnet.hudson.plugins:monitoring package, versions [,1.53.0)


Severity

Recommended
0.0
medium
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
0.3% (69th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-JAVA-ORGJVNETHUDSONPLUGINS-32324
  • published28 May 2018
  • disclosed1 Oct 2014
  • creditWilder Rodrigues

Introduced: 1 Oct 2014

CVE-2014-3679  (opens in a new tab)
CWE-200  (opens in a new tab)

How to fix?

Upgrade org.jvnet.hudson.plugins:monitoring to version 1.53.0 or higher.

Overview

org.jvnet.hudson.plugins:monitoring is a Plugin for JavaMelody to monitor performance in a Jenkins server.

Affected versions of this package are vulnerable to Information Exposure. A malicious user could obtain sensitive information by accessing unspecified pages.

CVSS Scores

version 3.1