Lucene search
K

15 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.7 views

The vulnerability of the Aqua Security Scanner plugin in the Jenkins automation server, related to the lack of data encryption measures, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Aqua Security Scanner plugin in the Jenkins automation server is related to the lack of data encryption measures. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00191EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2025/07/09 4:49 p.m.5 views

Cleartext Storage of Sensitive Information

Overview org.jenkins-ci.plugins:aqua-security-scanner is a Jenkins plugin for calling the Aqua API to scan a Docker image Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the storage of Scanner Tokens for Aqua API in config.xml files on the...

6.8CVSS6.9AI score0.00191EPSS
Exploits0References2
NVD
NVD
added 2025/07/09 4:15 p.m.7 views

CVE-2025-53653

Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS0.00191EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.7 views

PT-2025-28905 · Jenkins · Jenkins Aqua Security Scanner Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Aqua Security Scanner Plugin versions 3.2.8 and earlier Description: The Jenkins Aqua Security Scanner Plugin stores Scanner Tokens for the Aqua API unencrypted in job config.xml files on the Jenkins controller. These tokens are...

4.3CVSS5.9AI score0.00191EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/07/09 12:0 a.m.19 views

Jenkins plugin Aqua Security Scanner 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

4.3CVSS6.4AI score0.00191EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:26 a.m.9 views

CVE-2019-10428

Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS6.8AI score0.00888EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 10:0 p.m.19 views

GHSA-XP44-8VWR-XWMV Jenkins Aqua Security Scanner Plugin showed plain text password in configuration form

Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS7.5AI score0.00888EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 10:0 p.m.19 views

Jenkins Aqua Security Scanner Plugin showed plain text password in configuration form

Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS6.8AI score0.00888EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:17 a.m.23 views

Jenkins Aqua Security Scanner Plugin stores credentials in plain text

Jenkins Aqua Security Scanner Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.aquadockerscannerbuildstep.AquaDockerScannerBuilder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.8AI score0.01365EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/13 1:17 a.m.9 views

GHSA-3J3V-7F8F-V2XP Jenkins Aqua Security Scanner Plugin stores credentials in plain text

Jenkins Aqua Security Scanner Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.aquadockerscannerbuildstep.AquaDockerScannerBuilder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

3.3CVSS8.7AI score0.01365EPSS
Exploits0References4
NVD
NVD
added 2019/09/25 4:15 p.m.16 views

CVE-2019-10428

Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS7.5AI score0.00888EPSS
Exploits0References2
OSV
OSV
added 2019/09/25 4:15 p.m.6 views

CVE-2019-10428

Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS7.1AI score0.00888EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2019/09/25 3:5 p.m.32 views

CVE-2019-10428

Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS1.8AI score0.00888EPSS
Exploits0References2
CVE
CVE
added 2019/09/25 3:5 p.m.48 views

CVE-2019-10428

The CVE refers to Jenkins Aqua Security Scanner Plugin (versions 3.0.17 and earlier). The root cause is that the plugin transmitted configured credentials in plain text within the global Jenkins configuration form, potentially exposing them. Affected component: Jenkins Aqua Security Scanner Plugi...

7.5CVSS7.5AI score0.00888EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/08/23 12:0 a.m.2 views

CloudBees Jenkins Aqua Security Scanner Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Aqua Security Scanner Plugin is used in one o...

8.8CVSS7AI score0.01365EPSS
Exploits0References1
Rows per page
Query Builder