519 matches found
PT-2019-11827 · Jenkins · Jenkins Dingding Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dingding Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. These credentials can be accessed by users with Extende...
CVE-2019-10425
Jenkins Google Calendar Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10421
Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10425
Jenkins Google Calendar Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10414
Jenkins Git Changelog Plugin 2.17 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10422
The CVE-2019-10422 entry concerns the Jenkins Call Remote Job Plugin, which stores credentials unencrypted in job config.xml files on the Jenkins master/controller. This plaintext storage enables disclosure to users with Extended Read permission or with access to the Jenkins master filesystem. Th...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10421
Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10414
Jenkins Git Changelog Plugin 2.17 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10413
CVE-2019-10413 affects the Jenkins Data Theorem: CI/CD Plugin (versions 1.3 and earlier). The vulnerability stems from credentials being stored unencrypted in job config.xml on the Jenkins master, potentially viewable by users with Extended Read permission or via access to the master filesystem. ...
CVE-2019-10416
Summary: CVE-2019-10416 affects the Jenkins Violation Comments to GitLab Plugin (version 2.28 and earlier). The underlying issue is storage of credentials in plaintext within job config.xml files on the Jenkins master, exposing tokens to users with Extended Read permission or anyone with access t...
PT-2019-11807 · Jenkins · Jenkins Data Theorem: Ci/Cd Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Data Theorem: CI/CD Plugin versions 1.3 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. This allows users with Extended Read permission or...
PT-2019-11819 · Jenkins · Jenkins Google Calendar Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Google Calendar Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. Specifically, the Google Calendar Plugin stores ...
PT-2019-11808 · Jenkins · Jenkins Git Changelog Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Git Changelog Plugin versions 2.17 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master or controller. Specifically, MediaWiki and Jira passwords...
CVE-2019-10385
Jenkins eggPlant Plugin 2.2 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...