CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-1968

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00148EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 4:10 a.m.•4 views

CVE-2023-39155

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it...

5.3CVSS6.7AI score0.00148EPSS

Exploits0

Veracode•added 2023/07/29 9:51 a.m.•16 views

Information Disclosure

chef-identity is vulnerable to Information Disclosure. The vulnerability exists because ChefIdentityBuildWrapper.xml does not properly mask the user.pem key on the form field, allowing an attacker to gain sensitive information if they have access to the global configuration file, or are able to...

5.3CVSS6.8AI score0.00148EPSS

Exploits0References3Affected Software1

OSV•added 2023/07/26 3:30 p.m.•23 views

GHSA-5JC5-M87X-88FJ Secret displayed without masking by Chef Identity Plugin

Chef Identity Plugin stores the user.pem key in its global configuration file io.chef.jenkins.ChefIdentityBuildWrapper.xml on the Jenkins controller as part of its configuration. While this key is stored encrypted on disk, in Chef Identity Plugin 2.0.3 and earlier the global configuration form do...

3.1CVSS5.4AI score0.00148EPSS

Exploits0References3

Github Security Blog•added 2023/07/26 3:30 p.m.•14 views

Secret displayed without masking by Chef Identity Plugin

5.3CVSS6.6AI score0.00148EPSS

Exploits0References4Affected Software1

NVD•added 2023/07/26 2:15 p.m.•11 views

CVE-2023-39155

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it...

5.3CVSS5.9AI score0.00148EPSS

Exploits0References2

OSV•added 2023/07/26 2:15 p.m.•2 views

CVE-2023-39155

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it...

5.3CVSS5.8AI score

Exploits0References2

Prion•added 2023/07/26 2:15 p.m.•14 views

Design/Logic Flaw

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it...

5CVSS5.2AI score0.00148EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/07/26 1:54 p.m.•12 views

CVE-2023-39155

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it...

6.7AI score0.00148EPSS

Exploits0References2

CVE•added 2023/07/26 1:54 p.m.•223 views

CVE-2023-39155

The CVE-2023-39155 entry affects Jenkins Chef Identity Plugin (versions 2.0.3 and earlier). The root cause is that the user.pem key form field in the plugin’s global configuration is not masked, allowing an attacker with access to the Jenkins controller UI to observe or capture the key. This is t...

5.3CVSS5.2AI score0.00148EPSS

Exploits0References2Affected Software1

CNNVD•added 2023/07/26 12:0 a.m.•1 views

Jenkins Chef Identity Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS5.7AI score0.00148EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by