Maven package
org.jenkins-ci.ruby-plugins/gitlab-hook
pkg:maven/org.jenkins-ci.ruby-plugins/gitlab-hook
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2096 | — | <= 1.4.2 | — | Jan 15, 2020 | Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability. | ||
| CVE-2018-1000196 | — | <= 1.4.2 | — | Jun 5, 2018 | A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e |
- CVE-2020-2096Jan 15, 2020affected <= 1.4.2
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.
- CVE-2018-1000196Jun 5, 2018affected <= 1.4.2
A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e