Maven package
org.6wind.jenkins/lockable-resources
pkg:maven/org.6wind.jenkins/lockable-resources
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2281 | — | < 2.9 | 2.9 | Sep 23, 2020 | A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources. | ||
| CVE-2019-1003042 | — | < 2.5 | 2.5 | Mar 28, 2019 | A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin. |
- CVE-2020-2281Sep 23, 2020affected < 2.9fixed 2.9
A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.
- CVE-2019-1003042Mar 28, 2019affected < 2.5fixed 2.5
A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin.