Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:1 p.m.9 views

CVE-2022-34804

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure...

4.3CVSS6.8AI score0.00396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:0 p.m.9 views

CVE-2022-34803

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

4.3CVSS6.7AI score0.0056EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.5 views

CVE-2022-34803

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

4.3CVSS5.9AI score0.0056EPSS
Exploits0References2
NVD
NVD
added 2022/06/30 6:15 p.m.33 views

CVE-2022-34804

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure...

4.3CVSS0.00396EPSS
Exploits0References1
Prion
Prion
added 2022/06/30 6:15 p.m.22 views

Design/Logic Flaw

Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in its global configuration file and in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission config.xml, or access to the Jenkins controller file system...

4CVSS4.5AI score0.0056EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/06/30 5:48 p.m.687 views

CVE-2022-34804

CVE-2022-34804 affects Jenkins OpsGenie Plugin 1.9 and earlier. The vulnerability described across multiple sources states that API keys are transmitted in plain text via the global Jenkins configuration form and job configuration forms, potentially exposing them. It also notes that API keys are ...

4.3CVSS5AI score0.00396EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder