Maven package
org.jenkins-ci.plugins/sounds
pkg:maven/org.jenkins-ci.plugins/sounds
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2098 | — | < 0.6 | 0.6 | Jan 15, 2020 | A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins. | ||
| CVE-2020-2097 | — | < 0.6 | 0.6 | Jan 15, 2020 | Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins. |
- CVE-2020-2098Jan 15, 2020affected < 0.6fixed 0.6
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.
- CVE-2020-2097Jan 15, 2020affected < 0.6fixed 0.6
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.