Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin

2022-05-2416:51:51

Google

osv.dev

0.001 Low

EPSS

Percentile

28.5%

JSON

Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form.

CPENameOperatorVersion
io.jenkins:configuration-as-codeeq1.17
io.jenkins:configuration-as-codeeq1.21
io.jenkins:configuration-as-codeeq1.0-rc3
io.jenkins:configuration-as-codeeq1.9
io.jenkins:configuration-as-codeeq1.2
io.jenkins:configuration-as-codeeq1.0-rc2
io.jenkins:configuration-as-codeeq0.10-alpha
io.jenkins:configuration-as-codeeq1.8
io.jenkins:configuration-as-codeeq1.12
io.jenkins:configuration-as-codeeq1.19

Name	Operator	Version
io.jenkins:configuration-as-code	eq	1.17
io.jenkins:configuration-as-code	eq	1.21
io.jenkins:configuration-as-code	eq	1.0-rc3
io.jenkins:configuration-as-code	eq	1.9
io.jenkins:configuration-as-code	eq	1.2
io.jenkins:configuration-as-code	eq	1.0-rc2
io.jenkins:configuration-as-code	eq	0.10-alpha
io.jenkins:configuration-as-code	eq	1.8
io.jenkins:configuration-as-code	eq	1.12
io.jenkins:configuration-as-code	eq	1.19