Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-10359 | 1 Jenkins | 1 M2release | 2023-02-02 | 6.8 MEDIUM | 6.3 MEDIUM |
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options. | |||||
CVE-2019-10361 | 1 Jenkins | 1 M2release | 2020-10-02 | 2.1 LOW | 5.5 MEDIUM |
Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system. |