Lucene search
+L

410 matches found

Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.3 views

PT-2019-11344 · Jenkins · Jenkins Jira Issue Updater Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Jira Issue Updater Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.6 views

PT-2019-11351 · Jenkins · Jenkins-Cloudformation-Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins jenkins-cloudformation-plugin Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master or controller. These credentials ca...

8.8CVSS8.5AI score0.01423EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.7 views

PT-2019-11363 · Jenkins · Jenkins Vs Team Services Continuous Deployment Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins VS Team Services Continuous Deployment Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.6 views

PT-2019-11386 · Jenkins · Jenkins Testfairy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TestFairy Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master. This allows users with Extended Read permission or...

6.5CVSS6.3AI score0.01676EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.7 views

PT-2019-11379 · Jenkins · Jenkins Upload To Pgyer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Upload to pgyer Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. These credentials can be accessed by users who...

6.5CVSS6.3AI score0.01226EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.5 views

PT-2019-11362 · Jenkins · Jenkins Wildfly Deployer Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins WildFly Deployer Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/03/28 12:0 a.m.6 views

PT-2019-11335 · Jenkins · Jenkins Ecs Publisher Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins ECS Publisher Plugin versions 1.0.0 and earlier Description: A vulnerability in the plugin allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configur...

6.5CVSS6.2AI score0.01613EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/06/06 7:6 p.m.7 views

jenkins: Granting the permission to read node configurations allows access to overall system configuration (SECURITY-281)

The API URL computer/master/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors...

4.3CVSS5.9AI score0.02308EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/06/06 7:6 p.m.6 views

jenkins: Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration (SECURITY-266)

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration...

6.5CVSS5.8AI score0.02185EPSS
Exploits0References5
CNVD
CNVD
added 2016/05/13 12:0 a.m.4 views

CloudBees Jenkins CI and Jenkins LTS Information Disclosure Vulnerability (CNVD-2016-03162)

CloudBees Jenkins CI formerly known as Hudson Labs is a Java-based continuous integration tool from CloudBees, Inc. It is mainly used to monitor ongoing software releases/testing projects and a number of timed tasks.LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI is a...

4.3CVSS8.5AI score0.02308EPSS
Exploits0References1
Rows per page
Query Builder