VYPR

Maven package

org.jenkins-ci.plugins/database

pkg:maven/org.jenkins-ci.plugins/database

Vulnerabilities (3)

  • CVE-2020-2242MedSep 1, 2020
    affected < 1.7fixed 1.7

    A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.

  • CVE-2020-2241HigSep 1, 2020
    affected < 1.7fixed 1.7

    A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.

  • CVE-2020-2240HigSep 1, 2020
    affected < 1.7fixed 1.7

    A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts.