CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-6270

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00208EPSS

Exploits0References3

CNVD•added 2022/07/04 12:0 a.m.•32 views

Jenkins Build Notifications Plugin信息泄露漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An information disclosure vulnerability...

4.3CVSS0.4AI score0.00335EPSS

Exploits0References1

OSV•added 2022/07/01 12:1 a.m.•23 views

GHSA-V3R8-6VFJ-PPPF Plaintext Storage of a Password in Jenkins Build Notifications Plugin

Build Notifications Plugin 1.5.0 and earlier stores multiple tokens unencrypted in its global configuration files on the Jenkins controller as part of its configuration:- Pushover Application Token in tools.devnull.jenkins.plugins.buildnotifications.PushoverNotifier.xml\n- Slack Bot Token in...

3.3CVSS4.9AI score0.00335EPSS

Exploits0References3

Github Security Blog•added 2022/07/01 12:1 a.m.•27 views

Plaintext Storage of a Password in Jenkins Build Notifications Plugin

4.3CVSS5.1AI score0.00335EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2022/06/30 6:15 p.m.•3 views

CVE-2022-34801

Jenkins Build Notifications Plugin 1.5.0 and earlier transmits tokens in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

4.3CVSS5.9AI score0.00208EPSS

Exploits0References2

OSV•added 2022/06/30 6:15 p.m.•1 views

CVE-2022-34801

Jenkins Build Notifications Plugin 1.5.0 and earlier transmits tokens in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

4.3CVSS5.8AI score

Exploits0References1

CVE•added 2022/06/30 5:48 p.m.•257 views

CVE-2022-34801

Jenkins Build Notifications Plugin 1.5.0 and earlier is affected by CVE-2022-34801, where tokens are transmitted in plain text as part of the global Jenkins configuration form, potentially exposing them. Root cause: sensitive tokens stored/transmitted in plain text within Jenkins configuration. A...

4.3CVSS5AI score0.00208EPSS

Exploits0References1Affected Software1

CVE•added 2022/06/30 5:48 p.m.•251 views

CVE-2022-34800

The CVE-2022-34800 entry corresponds to Jenkins Build Notifications Plugin 1.5.0 and earlier, where tokens are stored unencrypted in the Jenkins controller’s global configuration files. Affected files include the plugin’s global configuration artifacts (e.g., PushoverNotifier.xml, SlackNotifier.x...

4.3CVSS4.8AI score0.00335EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2022/06/30 12:0 a.m.•1 views

PT-2022-22352 · Jenkins · Jenkins Build Notifications Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Build Notifications Plugin versions 1.5.0 and earlier Description: The issue allows users with access to the Jenkins controller file system to view tokens stored unencrypted in the plugin's global configuration files. Specifically,...

4.3CVSS4.3AI score0.00335EPSS

Exploits0References5

CNNVD•added 2022/06/30 12:0 a.m.•3 views

Jenkins Plugin Build Notifications 安全漏洞

4.3CVSS5.6AI score0.00335EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by