VYPR

Maven package

org.jenkins-ci.plugins/vsphere-cloud

pkg:maven/org.jenkins-ci.plugins/vsphere-cloud

Vulnerabilities (3)

  • CVE-2018-1000153HigApr 5, 2018
    affected < 2.17fixed 2.17

    A cross-site request forgery vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, P

  • CVE-2018-1000152MedApr 5, 2018
    affected < 2.17fixed 2.17

    An improper authorization vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, Powe

  • CVE-2018-1000151MedApr 5, 2018
    affected < 2.17fixed 2.17

    A man in the middle vulnerability exists in Jenkins vSphere Plugin 2.16 and older in VSphere.java that disables SSL/TLS certificate validation by default.