com.veracode.jenkins:veracode-scan

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.veracode.jenkins:veracode-scanpage 1 of 1

CVE-2023-25721MEDIUMCVSS 6.5EG 6.5✓ Fixed in 23.3.19.0
2023-03-28
vulnerable: 1.0.5-alpha ... 22.6.18.0 (14 versions)
Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agen…
CVE-2023-25722MEDIUMCVSS 5.5EG 5.5✓ Fixed in 23.3.19.0
2023-03-28
vulnerable: 1.0.5-alpha ... 22.6.18.0 (14 versions)
A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows loca…

Check whether com.veracode.jenkins:veracode-scan is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.veracode.jenkins:veracode-scan CVEs against the assets you own.

Start Free Scan →