Maven package
org.jvnet.hudson.plugins/hipchat
pkg:maven/org.jvnet.hudson.plugins/hipchat
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1000419 | — | < 2.2.1 | 2.2.1 | Jan 9, 2019 | An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins. | ||
| CVE-2018-1000418 | — | < 2.2.1 | 2.2.1 | Jan 9, 2019 | An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to send test notifications to an attacker-specified HipChat server with attacker-specified credentials IDs obtained th |
- CVE-2018-1000419Jan 9, 2019affected < 2.2.1fixed 2.2.1
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins.
- CVE-2018-1000418Jan 9, 2019affected < 2.2.1fixed 2.2.1
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to send test notifications to an attacker-specified HipChat server with attacker-specified credentials IDs obtained th