Maven package
org.jenkins-ci.plugins/koji
pkg:maven/org.jenkins-ci.plugins/koji
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-10314 | — | <= 0.3 | — | Apr 30, 2019 | Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM. | ||
| CVE-2019-10298 | — | <= 0.3 | — | Apr 4, 2019 | Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. |
- CVE-2019-10314Apr 30, 2019affected <= 0.3
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM.
- CVE-2019-10298Apr 4, 2019affected <= 0.3
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.