Maven package

io.jenkins.plugins/redhat-dependency-analytics

pkg:maven/io.jenkins.plugins/redhat-dependency-analytics

Vulnerabilities (1)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2024-23905		—		< 0.9.0	0.9.0	Jan 24, 2024	Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.

CVE-2024-23905Jan 24, 2024
affected < 0.9.0fixed 0.9.0
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.