VYPR

Maven package

org.jenkins-ci.plugins/reverse-proxy-auth-plugin

pkg:maven/org.jenkins-ci.plugins/reverse-proxy-auth-plugin

Vulnerabilities (2)

  • CVE-2023-32987May 16, 2023
    affected < 1.7.5fixed 1.7.5

    A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.

  • CVE-2018-1000150LowApr 5, 2018
    affected < 1.6.0fixed 1.6.0

    An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.