Lucene search
K

5 matches found

OSV
OSV
added 2023/05/16 6:30 p.m.33 views

GHSA-V3FV-V9M6-26G3 Jenkins HashiCorp Vault Plugin has improper masking of credentials

Jenkins HashiCorp Vault Plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials printed in the build log from Pipeline steps like sh and bat, when both of the following conditions are met: - The credentials are printed in build steps executing on an...

4.3CVSS7.5AI score0.00601EPSS
Exploits0References2
OSV
OSV
added 2022/05/13 1:18 a.m.18 views

GHSA-9R7F-RQHW-J8H8 Incorrect permission checks in Pipeline: Nodes and Processes plugin

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...

4.8CVSS6.1AI score0.01031EPSS
Exploits0References2
CNVD
CNVD
added 2018/01/25 12:0 a.m.5 views

Unspecified Vulnerability in Pipeline: Nodes and Processes Plugin

Pipeline: Nodes and Processes is a node and process plugin for use in Jenkins. A security vulnerability exists in Pipeline: Nodes and Processes plugin version 2.17 and earlier, which stems from the program failing to properly detect permissions. No information about this vulnerability is availabl...

4.9CVSS6.6AI score0.01031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/01/24 8:50 a.m.28 views

CVE-2018-1000015

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...

4.9CVSS3.5AI score0.01031EPSS
Exploits0References2
CVE
CVE
added 2018/01/23 2:0 p.m.51 views

CVE-2018-1000015

CVE-2018-1000015 affects Jenkins with the Authorize Project plugin where authentication for a build may lack Computer/Build permission on some agents. The vulnerability arises from incorrect permission checks in Pipeline: Nodes and Processes plugin versions 2.17 and earlier, which allowed executi...

4.9CVSS5.2AI score0.01031EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder