Lucene search
+L

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:12 a.m.13 views

CVE-2019-10452

Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4.3CVSS6.8AI score0.00469EPSS
Exploits0References1
NVD
NVD
added 2023/12/13 6:15 p.m.31 views

CVE-2023-50776

Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane authentication tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS0.00339EPSS
Exploits0References2
NVD
NVD
added 2022/10/19 4:15 p.m.31 views

CVE-2022-43419

Jenkins Katalon Plugin 1.0.32 and earlier stores API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

6.5CVSS0.00668EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/24 5:33 p.m.31 views

Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin

Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

6.5CVSS6.2AI score0.01032EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:15 a.m.18 views

Jenkins crittercism-dsym Plugin stores API key in plain text

Jenkins crittercism-dsym Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

8.8CVSS6.8AI score0.01773EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2019/12/17 3:15 p.m.18 views

CVE-2019-16556

Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.7AI score
Exploits0References2
Cvelist
Cvelist
added 2019/11/21 2:11 p.m.32 views

CVE-2019-16542

Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.4AI score0.00852EPSS
Exploits0References2
NVD
NVD
added 2019/10/23 1:15 p.m.22 views

CVE-2019-10467

Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.4AI score0.00852EPSS
Exploits0References2
CVE
CVE
added 2019/10/23 12:45 p.m.66 views

CVE-2019-10459

CVE-2019-10459 affects Jenkins Mattermost Notification Plugin ≤ 2.7.0. The vulnerability stems from webhook URLs containing a secret token being stored unencrypted in the plugin’s global configuration and in job config.xml on the Jenkins master, enabling disclosure by users with Extended Read per...

6.5CVSS6.3AI score0.00927EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/09/25 4:15 p.m.21 views

CVE-2019-10414

Jenkins Git Changelog Plugin 2.17 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.4AI score0.01038EPSS
Exploits0References2
Rows per page
Query Builder