← Back

Inedo Proget

inedo_proget

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-10412
1Jenkins
1Inedo Proget
Nov 21, 2024
Sep 25, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
CVE-2018-1999034
1Jenkins
1Inedo Proget
Nov 21, 2024
Aug 1, 2018
N/A· v4
7.4 HIGH· v3
5.8 MEDIUM· v2
A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connect...Show more
A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to.Show less