Jenkins - M2release CVE

Filtered by vendor Jenkins Subscriptions

Filtered by product M2release Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-10361	1 Jenkins	1 M2release	2023-10-25	5.5 Medium
Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system.
CVE-2019-10359	1 Jenkins	1 M2release	2023-10-25	6.3 Medium
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options.

Page 1 of 1.