CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

RedhatCVE•added 2025/11/08 1:57 p.m.•7 views

CVE-2025-64143

Jenkins OpenShift Pipeline Plugin 1.0.57 and earlier stores authorization tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to the Jenkins controller file system...

4.3CVSS6.8AI score0.00164EPSS

Exploits0References1

Snyk•added 2025/10/29 3:31 p.m.•5 views

Cleartext Transmission of Sensitive Information

Overview com.openshift.jenkins:openshift-pipeline is an OpenShift Pipeline Jenkins Plugin. Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information due to storing authorization tokens unencrypted in config.xml. An attacker can access sensitive informatio...

5.3CVSS6.5AI score0.00164EPSS

Exploits0References2

OSV•added 2025/10/29 2:15 p.m.•4 views

CVE-2025-64143

4.3CVSS6.9AI score

Exploits0References2

CVE•added 2025/10/29 1:29 p.m.•11 views

CVE-2025-64143

The CVE-2025-64143 issue affects the Jenkins OpenShift Pipeline Plugin, version 1.0.57 and earlier, which stores authorization tokens unencrypted in job config.xml on the Jenkins controller. This allows users with Item/Extended Read permission or control‑plane access to view tokens, exposing sens...

4.3CVSS6.4AI score0.00164EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2025/10/29 12:0 a.m.•3 views

PT-2025-44292

Name of the Vulnerable Software and Affected Versions Jenkins OpenShift Pipeline Plugin versions 1.0.57 and earlier Description The Jenkins OpenShift Pipeline Plugin stores authorization tokens unencrypted within config.xml files on the Jenkins controller. These files are accessible to users...

4.3CVSS6.4AI score0.00164EPSS

Exploits0References6

vulnersOsv•added 2023/04/12 6:30 p.m.•4 views

com.openshift.jenkins:openshift-pipeline (>=1.0.22 <=1.0.57), io.fabric8.jenkins.plugins:openshift-sync (>=0.0.8 <=1.0.45) potentially affected by CVE-2023-30513 via org.csanchez.jenkins.plugins:kubernetes (>=0.10 <=1.18.2)

org.csanchez.jenkins.plugins:kubernetes MAVEN version =0.10, =1.0.22, =0.0.8, =1.0.45 Source cves: CVE-2023-30513 Source advisory: OSV:GHSA-V5HQ-CQQR-6W4G...

7.5CVSS7.1AI score0.00491EPSS

Exploits0

vulnersOsv•added 2022/10/19 7:0 p.m.•1 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.openshift.jenkins:openshift-pipeline (>=1.0.14 <=1.0.57) +39 more potentially affected by CVE-2022-43401 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2660.vb_c0412dc4e6d)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =1.0.14, =1.3.0, =0.9.0, =1.22, =1.0, =1.0, =1.0, =0.1-beta-1, =0.1-beta-5, =1.9-beta-1, =2.3 and more Source cves: CVE-2022-43401 Source advisory: OSV:GHSA-7VR5-72W7-Q6JC...

9.9CVSS7.7AI score0.01211EPSS

Exploits0

vulnersOsv•added 2022/07/28 12:0 a.m.•2 views

br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), com.amcbridge:build-configurator (>=1.0.5.0 <=1.0.6.1) +92 more potentially affected by CVE-2022-36882 via org.jenkins-ci.plugins:git (>=1.2.0 <=4.0.0-rc)

org.jenkins-ci.plugins:git MAVEN version =1.2.0, =1.0.5.0, =1.1.0, =1.9.2-beta, =1.9, =4.0.9, =1.1.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.1.0, =1.0.0, =1.0.22, =1.0.57 and more Source cves: CVE-2022-36882 Source advisory: OSV:GHSA-8XWJ-2WGH-GPRH...

8.8CVSS7.2AI score0.0058EPSS

Exploits0

vulnersOsv•added 2022/05/24 5:33 p.m.•6 views

com.openshift.jenkins:openshift-pipeline (>=1.0.22 <=1.0.57), io.fabric8.jenkins.plugins:openshift-sync (>=0.0.8 <=1.0.45) potentially affected by CVE-2020-2308 via org.csanchez.jenkins.plugins:kubernetes (>=0.10 <=1.18.2)

org.csanchez.jenkins.plugins:kubernetes MAVEN version =0.10, =1.0.22, =0.0.8, =1.0.45 Source cves: CVE-2020-2308 Source advisory: OSV:GHSA-RR6J-37CV-C7X7...

4.3CVSS5.8AI score0.01134EPSS

Exploits0

vulnersOsv•added 2022/05/24 5:33 p.m.•3 views

com.openshift.jenkins:openshift-pipeline (>=1.0.22 <=1.0.57), io.fabric8.jenkins.plugins:openshift-sync (>=0.0.8 <=1.0.45) potentially affected by CVE-2020-2307 via org.csanchez.jenkins.plugins:kubernetes (>=0.10 <=1.18.2)

org.csanchez.jenkins.plugins:kubernetes MAVEN version =0.10, =1.0.22, =0.0.8, =1.0.45 Source cves: CVE-2020-2307 Source advisory: OSV:GHSA-FH5W-P2J4-4P8X...

4.3CVSS5.8AI score0.01203EPSS

Exploits0

vulnersOsv•added 2022/05/24 5:10 p.m.•3 views

br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), com.amcbridge:build-configurator (>=1.0.5.0 <=1.0.6.1) +92 more potentially affected by CVE-2020-2136 via org.jenkins-ci.plugins:git (>=1.2.0 <=4.0.0-rc)

5.4CVSS6.4AI score0.00853EPSS

Exploits0

vulnersOsv•added 2022/05/14 3:13 a.m.•4 views

com.openshift.jenkins:openshift-pipeline (>=1.0.22 <=1.0.57), io.fabric8.jenkins.plugins:openshift-sync (>=0.0.8 <=1.0.45) potentially affected by CVE-2018-1000187 via org.csanchez.jenkins.plugins:kubernetes (>=0.10 <=1.18.2)

org.csanchez.jenkins.plugins:kubernetes MAVEN version =0.10, =1.0.22, =0.0.8, =1.0.45 Source cves: CVE-2018-1000187 Source advisory: OSV:GHSA-V67X-GPG7-MWV3...

6.5CVSS6.6AI score0.01268EPSS

Exploits0

vulnersOsv•added 2022/05/13 1:14 a.m.•2 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +93 more potentially affected by CVE-2019-1003030 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.6)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2019-1003030 Source advisory: OSV:GHSA-R6MC-MRVR-2...

9.9CVSS7.4AI score0.75961EPSS

Exploits3

vulnersOsv•added 2022/02/16 12:1 a.m.•2 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +94 more potentially affected by CVE-2022-25173 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.92)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2022-25173 Source advisory: OSV:GHSA-4M7P-55JM-3VW...

8.8CVSS7.2AI score0.01422EPSS

Exploits0

vulnersOsv•added 2022/02/16 12:1 a.m.•3 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +94 more potentially affected by CVE-2022-25176 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.92)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2022-25176 Source advisory: OSV:GHSA-6473-GQRJ-4P6...

6.5CVSS6.5AI score0.01715EPSS

Exploits0

vulnersOsv•added 2022/02/16 12:1 a.m.•1 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.openshift.jenkins:openshift-pipeline (>=1.0.14 <=1.0.57) +37 more potentially affected by CVE-2022-25180 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=1.9-beta-1)

4.3CVSS5.4AI score0.0052EPSS

Exploits0

Prion•added 2020/03/25 5:15 p.m.•13 views

Remote code execution

Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

6.5CVSS9AI score0.02077EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/03/25 4:5 p.m.•25 views

CVE-2020-2167

Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

9AI score0.02077EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by