Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...

GHSA-5MPF-HW8F-86W9 Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...

CVE-2022-27195

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...

CVE-2022-27195

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...

CVE-2022-27195

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...

CVE-2022-27195

CVE-2022-27195 affects Jenkins Parameterized Trigger Plugin (versions 2.43 and earlier). The vulnerability arises from the plugin capturing environment variables passed to builds triggered by the plugin, including password parameter values, and storing them unencrypted in build.xml files. These s...

CVE-2022-27195

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...

PT-2022-18281 · Jenkins · Jenkins Parameterized Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Parameterized Trigger Plugin versions 2.43 and earlier Description: The issue concerns the capture and storage of environment variables, including password parameter values, in build.xml files by the Jenkins Parameterized Trigger...

jenkins: Agent-to-controller access control allows reading/writing most content of build directories

An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...

jenkins: Agent-to-controller access control allows reading/writing most content of build directories

An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...