Lucene search
K

8 matches found

OSV
OSV
added 2022/05/24 5:8 p.m.16 views

GHSA-GMG2-3W6V-945P Password stored in plain text by Parasoft Environment Manager Plugin

Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

4.3CVSS6.4AI score0.00852EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/13 1:1 a.m.28 views

Improper Input Validation in Jenkins

A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins...

7.5CVSS3.9AI score0.86641EPSS
Exploits7References7Affected Software1
Positive Technologies
Positive Technologies
added 2020/01/29 12:0 a.m.6 views

PT-2020-15314 · Jenkins · Jenkins Fortify Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Fortify Plugin versions 19.1.29 and earlier Description: The issue concerns the storage of proxy server passwords in an unencrypted manner within job config.xml files on the Jenkins master. These passwords can be accessed by users who...

4.3CVSS4.4AI score0.00647EPSS
Exploits0References6
Prion
Prion
added 2019/10/23 1:15 p.m.13 views

Design/Logic Flaw

Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...

2.1CVSS7.5AI score0.00333EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/07/11 2:15 p.m.33 views

CVE-2019-10351

Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS8.7AI score0.01632EPSS
Exploits0References4
Prion
Prion
added 2019/07/11 2:15 p.m.17 views

Design/Logic Flaw

Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4CVSS8.6AI score0.01632EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2019/07/11 1:55 p.m.30 views

CVE-2019-10348

Jenkins Gogs Plugin stored credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.7AI score0.01668EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/04/18 4:54 p.m.21 views

CVE-2019-10302

Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...

8.7AI score0.01373EPSS
Exploits0References2
Rows per page
Query Builder