Jenkins - M2release CVE

Filtered by vendor Jenkins Subscribe

Filtered by product M2release

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-10361	1 Jenkins	1 M2release	2024-02-04	2.1 LOW	5.5 MEDIUM
Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system.
CVE-2019-10359	1 Jenkins	1 M2release	2024-02-04	6.8 MEDIUM	6.3 MEDIUM
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options.

Vulnerabilities (CVE)