Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe

Filtered by product Maven

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-10358	1 Jenkins	1 Maven	2021-10-28	4.0 MEDIUM	6.5 MEDIUM
Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log.
CVE-2017-1000397	1 Jenkins	1 Maven	2018-02-08	4.3 MEDIUM	5.9 MEDIUM
Jenkins Maven Plugin 2.17 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks. Maven Plugin 3.0 no longer has a dependency on commons-httpclient.