VYPR

Maven package

org.jenkins-ci.plugins/sounds

pkg:maven/org.jenkins-ci.plugins/sounds

Vulnerabilities (2)

  • CVE-2020-2098Jan 15, 2020
    affected < 0.6fixed 0.6

    A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.

  • CVE-2020-2097Jan 15, 2020
    affected < 0.6fixed 0.6

    Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.