231 matches found
CVE-2019-16542
Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
EUVD-2022-3765
Malicious code in bioql PyPI...
EUVD-2022-5446
Malicious code in bioql PyPI...
EUVD-2022-5806
Malicious code in bioql PyPI...
EUVD-2022-5709
Malicious code in bioql PyPI...
EUVD-2022-3623
Malicious code in bioql PyPI...
CVE-2019-10294
Jenkins Kmap Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003089
Jenkins Upload to pgyer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10347
Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10451
Jenkins SOASTA CloudTest Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
GHSA-QJ7P-9HGF-X8J7 Passwords stored in plain text by Harvest SCM Plugin
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Passwords stored in plain text by Harvest SCM Plugin
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Credential stored in plain text by BMC Release Package and Deployment Plugin
Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. As of publication of this advisory, there is no fix...
Token stored in plain text by DigitalOcean Plugin
Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system...
GHSA-5C97-GXR3-R368 Jenkins Weibo Plugin stores credentials unencrypted in its global configuration file
Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
GHSA-R9XC-54CQ-99R7 Cleartext Storage of Sensitive Information in Jenkins ElasticBox CI Plugin
Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Cleartext Storage of Sensitive Information in Jenkins ElasticBox CI Plugin
Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
GHSA-8X6C-375H-PM4F Cleartext Storage of Sensitive Information in Jenkins Extensive Testing Plugin
Jenkins Extensive Testing Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Cleartext Storage of Sensitive Information in Jenkins Extensive Testing Plugin
Jenkins Extensive Testing Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Stored credentials unencrypted in Jenkins Mashup Portlets Plugin
Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system...