search

jfrog / jenkins-artifactory-plugin

Jenkins artifactory plugin
http://jenkins-ci.org/
116 stars 190 forks source link

[šŸø Frogbot] Update version of org.jenkins-ci.plugins:jenkins-multijob-plugin to [1.26] #860

Open github-actions[bot] opened 1 year ago

github-actions[bot] commented 1 year ago
[![](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://github.com/jfrog/frogbot#readme)

šŸ“¦ Vulnerable Dependencies

āœļø Summary

| SEVERITY | CONTEXTUAL ANALYSIS | DIRECT DEPENDENCIES | IMPACTED DEPENDENCY | FIXED VERSIONS | | :---------------------: | :----------------------------------: | :----------------------------------: | :-----------------------------------: | :---------------------------------: | | ![](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/applicableMediumSeverity.png)
Medium | Undetermined | org.jenkins-ci.plugins:jenkins-multijob-plugin:1.13 | org.jenkins-ci.plugins:jenkins-multijob-plugin:1.13 | [1.26] |

šŸ‘‡ Details

Description:

Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build.

[JFrog Frogbot](https://github.com/jfrog/frogbot#readme)