VulnerableCode Package Details - pkg:maven/org.jenkins-ci.plugins/mesos@0.18

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-ceau-ygrr-3be2	Server-Side Request Forgery (SSRF) An improper authorization vulnerability exists in the Jenkins Mesos Plugin in `MesosCloud.java` that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.	CVE-2018-1000421 GHSA-5q7j-8hpc-4848
VCID-yvsq-zaa9-kqg6	Incorrect Authorization An improper authorization vulnerability exists in the Jenkins Mesos Plugin in `MesosCloud.java` that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins.	CVE-2018-1000420 GHSA-23xr-9xxr-vg3c

Vulnerability

Summary

Aliases

VCID-ceau-ygrr-3be2

Server-Side Request Forgery (SSRF) An improper authorization vulnerability exists in the Jenkins Mesos Plugin in `MesosCloud.java` that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVE-2018-1000421
GHSA-5q7j-8hpc-4848

VCID-yvsq-zaa9-kqg6

Incorrect Authorization An improper authorization vulnerability exists in the Jenkins Mesos Plugin in `MesosCloud.java` that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins.

CVE-2018-1000420
GHSA-23xr-9xxr-vg3c

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-04T14:30:34.552880+00:00	GHSA Importer	Fixing	VCID-ceau-ygrr-3be2	https://github.com/advisories/GHSA-5q7j-8hpc-4848	38.1.0
2026-04-04T14:30:02.737065+00:00	GHSA Importer	Fixing	VCID-yvsq-zaa9-kqg6	https://github.com/advisories/GHSA-23xr-9xxr-vg3c	38.1.0
2026-04-01T13:11:20.572938+00:00	GithubOSV Importer	Fixing	VCID-yvsq-zaa9-kqg6	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-23xr-9xxr-vg3c/GHSA-23xr-9xxr-vg3c.json	38.0.0
2026-04-01T13:10:36.844487+00:00	GithubOSV Importer	Fixing	VCID-ceau-ygrr-3be2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5q7j-8hpc-4848/GHSA-5q7j-8hpc-4848.json	38.0.0
2026-04-01T12:50:34.847127+00:00	GitLab Importer	Fixing	VCID-ceau-ygrr-3be2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.plugins/mesos/CVE-2018-1000421.yml	38.0.0
2026-04-01T12:50:10.267037+00:00	GitLab Importer	Fixing	VCID-yvsq-zaa9-kqg6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.plugins/mesos/CVE-2018-1000420.yml	38.0.0