23 matches found
EUVD-2022-4172
Malicious code in bioql PyPI...
CVE-2020-2156
Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2019-10286
Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
GHSA-HM57-4QPX-F734 Credentials transmitted in plain text by Jenkins DeployHub Plugin
DeployHub Plugin stores credentials in job config.xml files as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form by DeployHub Plugin 8.0.14 and earlier. These credentials could be viewed by users wit...
Credentials transmitted in plain text by Jenkins DeployHub Plugin
DeployHub Plugin stores credentials in job config.xml files as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form by DeployHub Plugin 8.0.14 and earlier. These credentials could be viewed by users wit...
GHSA-9M3C-XFHF-53MH Jenkins DeployHub Plugin stores credentials in plain text
Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...
Jenkins DeployHub Plugin stores credentials in plain text
Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...
CloudBees Jenkins DeployHub Plugin Information Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . DeployHub Plugin is used in which an...
CVE-2020-2156
Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-2156
Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
Code injection
Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-2156
Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-2156
Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-2156
The CVE-2020-2156 issue affects Jenkins DeployHub Plugin (up to and including 8.0.14). The root cause is that credentials are transmitted in plain text as part of job configuration forms and, although encrypted on disk in config.xml, can be viewed by users with Extended Read permission, potential...
PT-2020-15373 · Jenkins · Jenkins Deployhub Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins DeployHub Plugin versions 8.0.14 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. The credentials are...
CloudBees Jenkins DeployHub Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . DeployHub Plugin is used in which an...
CVE-2019-10286
Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10286
Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10286
Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...