eyalbe4
commented
1 year ago - [ ] This pull request is created in the jfrog/jenkins-jfrog-plugin repository.
Closed eyalbe4 closed 1 year ago
eyalbe4
commented
1 year ago 
github-actions[bot]
commented
1 year ago 
| SEVERITY | DIRECT DEPENDENCIES | DIRECT DEPENDENCIES VERSIONS | IMPACTED DEPENDENCY NAME | IMPACTED DEPENDENCY VERSION | FIXED VERSIONS | CVE |
|---|---|---|---|---|---|---|
 Critical |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.springframework.security:spring-security-core | 5.6.3 | [5.6.9] [5.7.5] |
CVE-2022-31692 |
Critical |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.springframework:spring-web | 5.3.20 | [6.0.0] | CVE-2016-1000027 |
Critical |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.springframework.security:spring-security-core | 5.6.3 | [5.5.7] [5.6.4] |
CVE-2022-22978 |
 High |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.jenkins-ci.main:jenkins-core | 2.346.3 | [2.332.4] [2.356] |
CVE-2022-34174 |
High |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.jenkins-ci.main:jenkins-core | 2.346.3 | [2.356] | CVE-2022-34175 |
 Medium |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.jenkins-ci.main:jenkins-core | 2.346.3 | [2.356] | CVE-2022-34173 |
Medium |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.jenkins-ci.main:jenkins-core | 2.346.3 | [2.332.4] [2.356] |
CVE-2022-34172 |
Medium |
org.jenkins-ci.main:jenkins-core | 2.346.3 | org.springframework.security:spring-security-core | 5.6.3 | [5.5.7] [5.6.4] |
CVE-2022-22976 |