Jenkins OpsGenie Plugin Plaintext Storage of a Password vulnerability

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file com.opsgenie.integration.jenkins.OpsGenieNotifier.xml and in job config.xml files on the Jenkins controller as part of its configuration. Additionally, they are transmitted in plain text as part o...

GHSA-273C-FJW8-V2W8 Jenkins OpsGenie Plugin Plaintext Storage of a Password vulnerability

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file com.opsgenie.integration.jenkins.OpsGenieNotifier.xml and in job config.xml files on the Jenkins controller as part of its configuration. Additionally, they are transmitted in plain text as part o...

Jenkins OpsGenie Plugin vulnerable to Cleartext Transmission of Sensitive Information

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file com.opsgenie.integration.jenkins.OpsGenieNotifier.xml and in job config.xml files on the Jenkins controller as part of its configuration. Additionally, they are transmitted in plain text as part o...

CVE-2022-23725

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances...

CVE-2022-23725

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances...

CVE-2022-23725

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances...

Code injection

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances...

CVE-2022-23725 PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances...

CVE-2022-34804

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure...

CVE-2022-34803

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

CVE-2022-34804

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure...

CVE-2022-34803

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

Design/Logic Flaw

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

Design/Logic Flaw

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure...

CVE-2022-34804

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure...

CVE-2022-34804

CVE-2022-34804 affects Jenkins OpsGenie Plugin 1.9 and earlier. The vulnerability described across multiple sources states that API keys are transmitted in plain text via the global Jenkins configuration form and job configuration forms, potentially exposing them. It also notes that API keys are ...

CVE-2022-34803

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

CVE-2022-34803

The CVE-2022-34803 entry concerns Jenkins OpsGenie Plugin 1.9 and earlier, which stores API keys unencrypted in the plugin’s global configuration file and in job config.xml on the Jenkins controller. The keys can be viewed by users with Extended Read permission (config.xml) or by anyone with acce...

Jenkins Plugin OpsGenie 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

PT-2022-22355 · Jenkins · Jenkins Opsgenie Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OpsGenie Plugin versions 1.9 and earlier Description: The issue concerns the storage of API keys in an unencrypted manner within the global configuration file and job config.xml files on the Jenkins controller. These keys can be...