org.jenkins-ci.plugins:sidebar-link

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.jenkins-ci.plugins:sidebar-linkpage 1 of 1

CVE-2017-1000088MEDIUMCVSS 5.4EG 5.4✓ Fixed in 1.9
2017-10-05
vulnerable: 1.6, 1.7, 1.8
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links.
CVE-2023-32985MEDIUMCVSS 4.3EG 4.3✓ Fixed in 2.2.2
2023-05-16
vulnerable: 1.10 ... 2.2.1 (15 versions)
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on th…

Check whether org.jenkins-ci.plugins:sidebar-link is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.plugins:sidebar-link CVEs against the assets you own.

Start Free Scan →