Lucene search
JenkinsCVELIST:CVE-2022-29052HistoryApr 12, 2022 - 7:50 p.m.
CVE-2022-29052
2022-04-1219:50:54
jenkins
www.cve.org
Jenkins Google Compute Engine Plugin 4.3.8 and earlier stores private keys unencrypted in cloud agent config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.
CNA Affected
[
{
"product": "Jenkins Google Compute Engine Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "4.3.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
alpinelinux
alpinelinux
CVE-2022-29052
2022-04-12 20:15:09
prion
prion
Design/Logic Flaw
2022-04-12 20:15:00
nvd
nvd
CVE-2022-29052
2022-04-12 20:15:09
cve
cve
CVE-2022-29052
2022-04-12 20:15:09
osv
osv
CVE-2022-29052
2022-04-12 20:15:09
Private key stored in plain text by Jenkins Google Compute Engine Plugin
2022-04-13 00:00:15
cnvd
cnvd
Jenkins Google Compute Engine Plugin has an unspecified vulnerability
2022-04-13 00:00:00
github
github
Private key stored in plain text by Jenkins Google Compute Engine Plugin
2022-04-13 00:00:15
nessus
nessus