EUVD-2022-3087

Malicious code in bioql PyPI...

EUVD-2022-3106

Malicious code in bioql PyPI...

CVE-2025-53662

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

Insufficiently Protected Credentials

Overview org.jenkins-ci.plugins:ifttt-build-notifier is a Simple Jenkins Build Status Notifier for IFTTT Maker Channel Trigger. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the storage of sensitive keys in config.xml files. An attacker can gain...

Jenkins IFTTT Build Notifier Plugin vulnerability exposes IFTTT Maker Channel Keys

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As ...

CVE-2025-53662

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

Jenkins plugin IFTTT Build Notifier 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. Jenkins plugin A...

PT-2025-28914 · Jenkins · Jenkins Ifttt Build Notifier Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins IFTTT Build Notifier Plugin versions 1.2 and earlier Description: The Jenkins IFTTT Build Notifier Plugin stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller. These keys can be viewed by users...

GHSA-826H-FXFF-HPQF Jenkins Azure Event Grid Build Notifier Plugin has Insufficiently Protected Credentials

Azure Event Grid Build Notifier Plugin stores the Azure Event Grid secret key unencrypted in job config.xml files on the Jenkins controller. This key can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is...

Jenkins Azure Event Grid Build Notifier Plugin has Insufficiently Protected Credentials

Azure Event Grid Build Notifier Plugin stores the Azure Event Grid secret key unencrypted in job config.xml files on the Jenkins controller. This key can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is...

Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.snsnotify.AmazonSNSNotifier.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

GHSA-84P4-7MXC-7PHJ Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.snsnotify.AmazonSNSNotifier.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

CVE-2019-10421

Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10421

Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10421

The CVE-2019-10421 issue concerns the Jenkins Azure Event Grid Build Notifier Plugin. The vulnerability arises from credentials (Azure Event Grid secret key) being stored unencrypted in job config.xml files on the Jenkins master/controller. This allows that confidential data to be exposed to user...

PT-2019-11815 · Jenkins · Jenkins Azure Event Grid Build Notifier Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Azure Event Grid Build Notifier Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master or controller. Specifically, the...

CloudBees Jenkins Azure Event Grid Build Notifier Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks.Azure Event Grid Build Notifier Plugin is used i...

Design/Logic Flaw

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-1003063

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...