VYPR

Maven package

com.inedo.proget/inedo-proget

pkg:maven/com.inedo.proget/inedo-proget

Vulnerabilities (3)

  • CVE-2019-10412Sep 25, 2019
    affected < 1.3fixed 1.3

    Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.

  • CVE-2019-10411Sep 25, 2019
    affected < 2.5.0fixed 2.5.0

    Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.

  • CVE-2018-1999034HigAug 1, 2018
    affected < 1.0fixed 1.0

    A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to.