EUVD-2022-5804

Malicious code in bioql PyPI...

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2019-10407

Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin...

GHSA-GP67-C7J2-2QG2 Insertion of Sensitive Information into Log File in Jenkins Mask Passwords Plugin

Jenkins Mask Passwords Plugin 2.12.0 and earlier transmits globally configured passwords in plain text as part of the configuration form, potentially resulting in their exposure...

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

Cross site scripting

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-29043

The CVE-2022-29043 entry describes a stored XSS vulnerability in Jenkins Mask Passwords Plugin (version 3.0 and earlier). The flaw arises because the plugin does not escape the name and description of Non-Stored Password parameters on parameter views, enabling an attacker with Item/Configure perm...

CVE-2019-10407

Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin...

CVE-2019-10407

Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin...

CVE-2019-10407

CVE-2019-10407 affects Jenkins Project Inheritance Plugin (versions 2.0.0 and earlier; also referenced as 19.08.02 and earlier in extended advisories). The vulnerability stems from the plugin displaying a list of environment variables passed to a build without masking sensitive variables contribu...

PT-2019-11801 · Jenkins · Jenkins Project Inheritance Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Project Inheritance Plugin versions 2.0.0 and earlier Jenkins Project Inheritance Plugin versions 19.08.02 and earlier Description: The issue concerns the display of environment variables passed to a build without properly masking...

CloudBees Jenkins Mask Passwords Plugin Encryption Issue Vulnerability

CloudBees Jenkins is an open source software project , is based on Java development of a continuous integration tool for monitoring continuous repetitive work , aims to provide an open and easy to use software platform . CloudBees Jenkins Mask Passwords Plugin suffers from a cryptographic issue...

CVE-2019-10370

The CVE-2019-10370 entry concerns Jenkins Mask Passwords Plugin prior to 2.12.0, where the configuration form transmits globally configured passwords in plain text, potentially exposing them. Affected component: Jenkins Mask Passwords Plugin (versions ≤ 2.12.0). Root cause: insecure handling of c...

PT-2019-11766 · Jenkins · Jenkins Mask Passwords Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mask Passwords Plugin versions 2.12.0 and earlier Description: The issue allows globally configured passwords to be transmitted in plain text as part of the configuration form, potentially exposing them. Recommendations: For Jenkins...