Maven package
com.inflectra.spiratest.plugins/inflectra-spira-integration
pkg:maven/com.inflectra.spiratest.plugins/inflectra-spira-integration
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-16558 | — | < 3.2.4 | 3.2.4 | Dec 17, 2019 | Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM. | ||
| CVE-2019-16543 | — | < 3.2.3 | 3.2.3 | Nov 21, 2019 | Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. |
- CVE-2019-16558Dec 17, 2019affected < 3.2.4fixed 3.2.4
Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM.
- CVE-2019-16543Nov 21, 2019affected < 3.2.3fixed 3.2.3
Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.