29 matches found
PT-2022-22077 · Jenkins · Jenkins Beaker Builder Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Beaker builder Plugin versions 1.10 and earlier Description: A cross-site request forgery CSRF issue allows attackers to connect to an attacker-specified URL. This can be exploited by attackers to perform unauthorized actions...
Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials
Beaker builder Plugin stored the Beaker password unencrypted on the Jenkins controller. This password could be viewed by users with access to the Jenkins controller file system. Beaker builder Plugin now stores these credentials encrypted...
CloudBees Jenkins Beaker Builder Information Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dependency Graph Viewer Plugin is used in...
CVE-2019-10398
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10398
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10398
Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10398
The CVE-2019-10398 entry concerns Jenkins Beaker Builder Plugin (versions ≤ 1.9). The vulnerability arises from credentials being stored unencrypted in the plugin’s global configuration file on the Jenkins master, enabling users with file-system access to view them. Impact is credential disclosur...
PT-2019-11792 · Jenkins · Jenkins Beaker Builder Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Beaker Builder Plugin versions 1.9 and earlier Description: The issue concerns the storage of credentials in the Jenkins Beaker Builder Plugin. Specifically, the plugin stored credentials unencrypted in its global configuration file o...