Samsung / Universum

Universum project is a Python solution that simplifies SW project verification by integrating existing CI systems and provides additional functionality for CI.

There is a vulnerability in Jenkins 2.85,upgrade recommended

QiAnXinCodeSafe opened this issue 3 years ago · comments

奇安信CodeSafe commented 3 years ago

Universum/universum_log_collapser/universum_log_collapser/pom.xml

Line 42 in 0c1b09d

<version>2.85</version>

CVE-2018-1000861 CVE-2018-1999002 CVE-2019-10353 CVE-2019-1003049 CVE-2020-2099

Recommended upgrade version：2.300-r0

i-keliukh commented 2 years ago

The jenkins plugin is removed from the repository. There is no need to create the fix.