Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jenkins-ci.plugins/TestFairy@4.17.2

Type maven

Namespace org.jenkins-ci.plugins

Name TestFairy

Version 4.17.2

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-h1za-8d5q-7fep

vulnerability_id VCID-h1za-8d5q-7fep

summary

Insufficiently Protected Credentials
Jenkins TestFairy Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

references

reference_url	https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1062
reference_id
reference_type
scores
url	https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1062

reference_url	http://www.openwall.com/lists/oss-security/2019/04/12/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/04/12/2

reference_url	http://www.securityfocus.com/bid/107790
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107790

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-1003096
reference_id	CVE-2019-1003096
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-1003096

reference_url	https://github.com/advisories/GHSA-ffv8-x822-fx73
reference_id	GHSA-ffv8-x822-fx73
reference_type
scores
url	https://github.com/advisories/GHSA-ffv8-x822-fx73

fixed_packages

url	pkg:maven/org.jenkins-ci.plugins/TestFairy@4.17.2
purl	pkg:maven/org.jenkins-ci.plugins/TestFairy@4.17.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/TestFairy@4.17.2

aliases CVE-2019-1003096, GHSA-ffv8-x822-fx73

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h1za-8d5q-7fep

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/TestFairy@4.17.2

Package Instance