Jenkins Plugin TestComplete support 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

PT-2023-19603 · Jenkins · Jenkins Testcomplete Support Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TestComplete support Plugin versions 2.8.1 and earlier Description: The issue is related to the configuration of the XML parser, which does not prevent XML external entity XXE attacks. This allows for potential exploitation...

CVE-2023-24443

CVE-2023-24443 concerns Jenkins TestComplete support Plugin, version 2.8.1 and earlier, where the XML parser is not configured to prevent XML external entity (XXE) attacks. The vulnerability is described as high-severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base score 9.8). The issue i...

CVE-2023-24443

Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

GHSA-R32R-F6WR-CC3W Password stored in plain text by Jenkins TestComplete support Plugin

Jenkins TestComplete support Plugin prior to version 2.5.2 stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system. Version 2.5.2 contains a patch for this issue...

Password stored in plain text by Jenkins TestComplete support Plugin

Jenkins TestComplete support Plugin prior to version 2.5.2 stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system. Version 2.5.2 contains a patch for this issue...

Unspecified Vulnerability in CloudBees Jenkins TestComplete support Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . TestComplete support Plugin is used in one of the un...

CVE-2020-2209

Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2209

Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2209

CVE-2020-2209 affects CloudBees Jenkins TestComplete support Plugin versions 2.4.1 and earlier. The issue stems from storing passwords unencrypted in job config.xml on the Jenkins master, allowing access by users with Extended Read permission or direct master filesystem access. Remediation per mu...

CVE-2020-2209

Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

PT-2020-15424 · Jenkins · Jenkins Testcomplete Support Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TestComplete support Plugin versions 2.4.1 and earlier Description: The issue allows storage of a password unencrypted in job config.xml files on the Jenkins master. This can be viewed by users with Extended Read permission or access ...