Maven package
org.jenkins-ci.plugins/collabnet
pkg:maven/org.jenkins-ci.plugins/collabnet
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-38665 | — | < 2.0.9 | 2.0.9 | Aug 23, 2022 | Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | ||
| CVE-2018-1000605 | Hig | 7.4 | < 2.0.5 | 2.0.5 | Jun 26, 2018 | A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to. |
- CVE-2022-38665Aug 23, 2022affected < 2.0.9fixed 2.0.9
Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
- affected < 2.0.5fixed 2.0.5
A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to.