Maven package
org.jenkins-ci.plugins/dimensionsscm
pkg:maven/org.jenkins-ci.plugins/dimensionsscm
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-32263 | Low | 2.6 | >= 0.8.17, < 0.9.3.1 | 0.9.3.1 | Jul 19, 2023 | A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability o | |
| CVE-2023-32262 | Med | 4.3 | < 0.9.3.1 | 0.9.3.1 | Jul 19, 2023 | A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for detail | |
| CVE-2023-32261 | Med | 4.2 | < 0.9.3.1 | 0.9.3.1 | Jul 19, 2023 | A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for detai |
- affected >= 0.8.17, < 0.9.3.1fixed 0.9.3.1
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability o
- affected < 0.9.3.1fixed 0.9.3.1
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for detail
- affected < 0.9.3.1fixed 0.9.3.1
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for detai