Jenkins IFTTT Build Notifier Plugin vulnerability exposes IFTTT Maker Channel Keys

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As ...

CVE-2025-53662

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

PT-2025-28914 · Jenkins · Jenkins Ifttt Build Notifier Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins IFTTT Build Notifier Plugin versions 1.2 and earlier Description: The Jenkins IFTTT Build Notifier Plugin stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller. These keys can be viewed by users...

Jenkins Azure Event Grid Build Notifier Plugin has Insufficiently Protected Credentials

Azure Event Grid Build Notifier Plugin stores the Azure Event Grid secret key unencrypted in job config.xml files on the Jenkins controller. This key can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is...

CVE-2019-10421

Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10421

The CVE-2019-10421 issue concerns the Jenkins Azure Event Grid Build Notifier Plugin. The vulnerability arises from credentials (Azure Event Grid secret key) being stored unencrypted in job config.xml files on the Jenkins master/controller. This allows that confidential data to be exposed to user...

CloudBees Jenkins Azure Event Grid Build Notifier Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks.Azure Event Grid Build Notifier Plugin is used i...

CVE-2019-1003063

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-1003063

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-1003063

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

PT-2019-11353 · Jenkins · Jenkins Amazon Sns Build Notifier Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Amazon SNS Build Notifier Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specificall...