org.jenkins-ci.plugins:sounds

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.jenkins-ci.plugins:soundspage 1 of 1

CVE-2020-2097HIGHCVSS 8.8EG 8.8✓ Fixed in 0.6
2020-01-15
vulnerable: 0.5
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.
CVE-2020-2098HIGHCVSS 8.8EG 8.8✓ Fixed in 0.6
2020-01-15
vulnerable: 0.5
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.

Check whether org.jenkins-ci.plugins:sounds is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.plugins:sounds CVEs against the assets you own.

Start Free Scan →