410 matches found
PT-2019-11344 · Jenkins · Jenkins Jira Issue Updater Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Jira Issue Updater Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...
PT-2019-11351 · Jenkins · Jenkins-Cloudformation-Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins jenkins-cloudformation-plugin Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master or controller. These credentials ca...
PT-2019-11363 · Jenkins · Jenkins Vs Team Services Continuous Deployment Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins VS Team Services Continuous Deployment Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These...
PT-2019-11386 · Jenkins · Jenkins Testfairy Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins TestFairy Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master. This allows users with Extended Read permission or...
PT-2019-11379 · Jenkins · Jenkins Upload To Pgyer Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Upload to pgyer Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. These credentials can be accessed by users who...
PT-2019-11362 · Jenkins · Jenkins Wildfly Deployer Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins WildFly Deployer Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials can be...
PT-2019-11335 · Jenkins · Jenkins Ecs Publisher Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins ECS Publisher Plugin versions 1.0.0 and earlier Description: A vulnerability in the plugin allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configur...
jenkins: Granting the permission to read node configurations allows access to overall system configuration (SECURITY-281)
The API URL computer/master/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors...
jenkins: Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration (SECURITY-266)
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration...
CloudBees Jenkins CI and Jenkins LTS Information Disclosure Vulnerability (CNVD-2016-03162)
CloudBees Jenkins CI formerly known as Hudson Labs is a Java-based continuous integration tool from CloudBees, Inc. It is mainly used to monitor ongoing software releases/testing projects and a number of timed tasks.LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI is a...