Maven package
de.einsundeins.jenkins.plugins.failedjobdeactivator/failedJobDeactivator
pkg:maven/de.einsundeins.jenkins.plugins.failedjobdeactivator/failedJobDeactivator
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-34818 | — | <= 1.2.1 | — | Jun 30, 2022 | Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs. | ||
| CVE-2022-34817 | — | <= 1.2.1 | — | Jun 30, 2022 | A cross-site request forgery (CSRF) vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs. |
- CVE-2022-34818Jun 30, 2022affected <= 1.2.1
Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs.
- CVE-2022-34817Jun 30, 2022affected <= 1.2.1
A cross-site request forgery (CSRF) vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs.