Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 7:6 a.m.4 views

CVE-2019-10444

Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disabled SSL/TLS and hostname verification for connections to HP ALM...

6.5CVSS6.7AI score0.00036EPSS
Exploits0References1
OSV
OSVadded 2022/05/24 4:58 p.m.18 views

GHSA-QGP8-H5CP-R75R Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation

Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation for connections to the HP ALM service. Bumblebee HP ALM Plugin no longer does that. Instead, it now allows users to opt out of certificate validation...

4.8CVSS6.4AI score0.00036EPSS
Exploits0References2
OSV
OSVadded 2021/01/13 4:15 p.m.16 views

CVE-2021-21614

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

5.5CVSS6.6AI score
Exploits0References1
CVE
CVEadded 2021/01/13 3:55 p.m.76 views

CVE-2021-21614

Summary: CVE-2021-21614 affects the Jenkins Bumblebee HP ALM Plugin (version 4.1.5 and earlier). The underlying issue is that credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins controller, which can be viewed by users with access to the controller filesyst...

5.5CVSS5.6AI score0.00011EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/01/13 3:55 p.m.17 views

CVE-2021-21614

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

6AI score0.00011EPSS
Exploits0References1
AlpineLinux
AlpineLinuxadded 2021/01/13 3:55 p.m.32 views

CVE-2021-21614

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

5.5CVSS2.6AI score0.00011EPSS
Exploits0References1
CNNVD
CNNVDadded 2021/01/13 12:0 a.m.1 views

Cloudbees Jenkins 信息泄露漏洞

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . Bumblebee HP ALM Plugin is us...

5.5CVSS6.1AI score0.00011EPSS
Exploits0References4
OSV
OSVadded 2019/10/16 2:15 p.m.11 views

CVE-2019-10444

Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disabled SSL/TLS and hostname verification for connections to HP ALM...

6.5CVSS7AI score
Exploits0References1
CVE
CVEadded 2019/10/16 1:0 p.m.50 views

CVE-2019-10444

The CVE-2019-10444 entry concerns Jenkins Bumblebee HP ALM Plugin (version 4.1.3 and earlier) that unconditionally disabled SSL/TLS and hostname/certificate validation when connecting to HP ALM. This creates a risk of man‑in‑the‑middle if connections are not properly trusted. Public details confi...

6.5CVSS6.4AI score0.00036EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder