Filtered by vendor Jenkins Subscriptions
Filtered by product M2release Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-10361 1 Jenkins 1 M2release 2024-08-04 5.5 Medium
Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system.
CVE-2019-10359 1 Jenkins 1 M2release 2024-08-04 6.3 Medium
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options.