Lucene search
K

408 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:40 a.m.7 views

CVE-2019-1003096

Jenkins TestFairy Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.7AI score0.01676EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:40 a.m.12 views

CVE-2019-1003054

Jenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01365EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:40 a.m.11 views

CVE-2019-1003045

A vulnerability in Jenkins ECS Publisher Plugin 1.0.0 and earlier allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configured in this plugin's configuration...

6.5CVSS6.5AI score0.01613EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:10 a.m.8 views

CVE-2019-10467

Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.7AI score0.00852EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:1 a.m.19 views

CVE-2019-1003056

Jenkins WebSphere Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01365EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:31 a.m.14 views

CVE-2019-10422

Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.8AI score0.01001EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:21 a.m.7 views

CVE-2019-1003088

Jenkins Fabric Beta Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.7AI score0.01226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:51 a.m.11 views

CVE-2019-10449

Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.00676EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:47 a.m.11 views

CVE-2019-1003061

Jenkins jenkins-cloudformation-plugin Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 a.m.10 views

CVE-2019-10366

Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.5AI score0.01482EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 a.m.22 views

CVE-2019-10283

Jenkins mabl Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01773EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:13 a.m.10 views

CVE-2019-10348

Jenkins Gogs Plugin stored credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.5AI score0.01668EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:12 a.m.11 views

CVE-2019-10452

Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4.3CVSS6.8AI score0.00469EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:6 a.m.9 views

CVE-2019-10284

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01773EPSS
Exploits0References1
Snyk
Snyk
added 2025/04/02 3:43 p.m.6 views

Cleartext Storage of Sensitive Information

Overview org.ukiuni.monitor-remote-job-plugin:monitor-remote-job is a monitor remote job. Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information within config.xml files. An attacker can gain unauthorized access to sensitive data by exploiting the visibility...

5.5CVSS7AI score0.00276EPSS
Exploits0References2
OSV
OSV
added 2025/04/02 3:31 p.m.1 views

GHSA-565R-PF5Q-45V6 Jenkins Missing Permission Check

Jenkins 2.503 and earlier, LTS 2.492.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration. Jenkins 2.504, LTS 2.492.3 require...

4.3CVSS6.8AI score0.0039EPSS
Exploits0References3
OSV
OSV
added 2025/04/02 3:16 p.m.6 views

CVE-2025-31727

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

5.5CVSS5.8AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/04/02 3:16 p.m.6 views

CVE-2025-31725

Jenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

5.5CVSS5.8AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/04/02 3:16 p.m.16 views

CVE-2025-31725

Jenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

5.5CVSS0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/04/02 3:16 p.m.42 views

CVE-2025-31726

Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

5.5CVSS0.00276EPSS
Exploits0References1
Rows per page
Query Builder