CVE-2025-31724

Jenkins Cadence vManager Plugin 4.0.0-282.v5096ac2db275 and earlier stores Verisium Manager vAPI keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

Jenkins Plugin Jigomerge 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Jigomerge Plugin 0.9 and earlier...

GHSA-7VVJ-QQVJ-H8MC Jenkins Exposes Sensitive Information from Job Configuration

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration...

Jenkins 安全漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.A security vulnerability exists in the Jenkins Google Compute Engine Plugin, which stems from storing unencrypted private...

Jenkins incapptic connect uploader 插件安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins incapptic connect uploader Plug...

PT-2020-15475 · Smartbear +2 · Readyapi Functional Testing Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins SoapUI Pro Functional Testing Plugin versions 1.5 and earlier ReadyAPI Functional Testing Plugin versions 1.5 and earlier Jenkins versions prior to 2.236, including 2.235.x LTS Description: The issue concerns the transmission of proje...

PT-2020-15373 · Jenkins · Jenkins Deployhub Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins DeployHub Plugin versions 8.0.14 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. The credentials are...

PT-2019-14711 · Jenkins · Jenkins Rundeck Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Rundeck Plugin versions 3.6.5 and earlier Description: The issue allows credentials to be stored unencrypted in the global configuration file and in job config.xml files on the Jenkins master. This can be accessed by users with Extend...

PT-2019-11815 · Jenkins · Jenkins Azure Event Grid Build Notifier Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Azure Event Grid Build Notifier Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master or controller. Specifically, the...

PT-2019-11358 · Vmware +1 · Vrealize Automation Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins VMware vRealize Automation Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. These credentials c...