Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.jenkins-ci.plugins/subversion@2.15.4
purl pkg:maven/org.jenkins-ci.plugins/subversion@2.15.4
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-2ftm-axhf-gbbd Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. CVE-2022-29046
GHSA-wpr6-qvcq-8269
VCID-2jz6-zhnd-9ffy Cross-Site Request Forgery (CSRF) A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL. CVE-2022-29048
GHSA-m5cw-c64p-77h6

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T16:00:17.735616+00:00 GHSA Importer Fixing VCID-2ftm-axhf-gbbd https://github.com/advisories/GHSA-wpr6-qvcq-8269 38.0.0
2026-04-01T16:00:17.635405+00:00 GHSA Importer Fixing VCID-2jz6-zhnd-9ffy https://github.com/advisories/GHSA-m5cw-c64p-77h6 38.0.0
2026-04-01T13:05:10.225105+00:00 GithubOSV Importer Fixing VCID-2jz6-zhnd-9ffy https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-m5cw-c64p-77h6/GHSA-m5cw-c64p-77h6.json 38.0.0
2026-04-01T13:05:06.194135+00:00 GithubOSV Importer Fixing VCID-2ftm-axhf-gbbd https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-wpr6-qvcq-8269/GHSA-wpr6-qvcq-8269.json 38.0.0