543 matches found
CVE-2019-10433
Jenkins Dingding钉钉 Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Dingding?? Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10433
The CVE-2019-10433 entry affects the Jenkins Dingding plugin, where credentials are stored unencrypted in job config.xml files on the Jenkins master. This exposes credentials to users with Extended Read permissions or anyone with access to the master filesystem, as described across multiple sourc...
CVE-2019-10433
Jenkins Dingding钉钉 Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
PT-2019-11827 · Jenkins · Jenkins Dingding Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dingding Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. These credentials can be accessed by users with Extende...
CVE-2019-10425
Jenkins Google Calendar Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10421
Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10425
Jenkins Google Calendar Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10414
Jenkins Git Changelog Plugin 2.17 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10422
The CVE-2019-10422 entry concerns the Jenkins Call Remote Job Plugin, which stores credentials unencrypted in job config.xml files on the Jenkins master/controller. This plaintext storage enables disclosure to users with Extended Read permission or with access to the Jenkins master filesystem. Th...
CVE-2019-10421
Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10414
Jenkins Git Changelog Plugin 2.17 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10413
CVE-2019-10413 affects the Jenkins Data Theorem: CI/CD Plugin (versions 1.3 and earlier). The vulnerability stems from credentials being stored unencrypted in job config.xml on the Jenkins master, potentially viewable by users with Extended Read permission or via access to the master filesystem. ...
CVE-2019-10416
Summary: CVE-2019-10416 affects the Jenkins Violation Comments to GitLab Plugin (version 2.28 and earlier). The underlying issue is storage of credentials in plaintext within job config.xml files on the Jenkins master, exposing tokens to users with Extended Read permission or anyone with access t...