Maven package
org.jenkins-ci.plugins/reverse-proxy-auth-plugin
pkg:maven/org.jenkins-ci.plugins/reverse-proxy-auth-plugin
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-32987 | — | < 1.7.5 | 1.7.5 | May 16, 2023 | A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. | ||
| CVE-2018-1000150 | Low | 3.3 | < 1.6.0 | 1.6.0 | Apr 5, 2018 | An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users. |
- CVE-2023-32987May 16, 2023affected < 1.7.5fixed 1.7.5
A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.
- affected < 1.6.0fixed 1.6.0
An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.