VYPR

Maven package

org.jenkins-ci.plugins/collabnet

pkg:maven/org.jenkins-ci.plugins/collabnet

Vulnerabilities (2)

  • CVE-2022-38665Aug 23, 2022
    affected < 2.0.9fixed 2.0.9

    Jenkins CollabNet Plugins Plugin 2.0.8 and earlier stores a RabbitMQ password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.

  • CVE-2018-1000605HigJun 26, 2018
    affected < 2.0.5fixed 2.0.5

    A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to.