EUVD-2022-2554

Malicious code in bioql PyPI...

CloudBees Jenkins Nomad Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is a Java-based continuous integration tool developed by CloudBees, Inc. An information disclosure vulnerability exists in CloudBees Jenkins Nomad Plugin 0.7.4 and prior versions. The vulnerability is caused by the program storing unencrypted Docker passwords in the...

CVE-2021-21681

Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21681

Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21681

Jenkins Nomad Plugin prior to version 0.7.5 stores Docker registry credentials in plaintext in the global config.xml on the Jenkins controller, exposing them to any user with file-system access. This CVE (CVE-2021-21681) affects 0.7.4 and earlier. Root cause is unencrypted storage of passwords in...

PT-2021-14724 · Jenkins · Jenkins Nomad Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Nomad Plugin versions 0.7.4 and earlier Description: The issue allows Docker passwords to be stored unencrypted in the global config.xml file on the Jenkins controller. These passwords can be viewed by users with access to the Jenkins...