11 matches found
CVE-2019-10350
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
GHSA-5HHG-Q22C-6G39 Jenkins Port Allocator Plugin stores credentials in plain text
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...
org.jenkins-ci.plugins:android-emulator (>=${revision}651.v471170b_2a_734 <=652.v185536c05086) potentially affected by CVE-2019-10350 via org.jenkins-ci.plugins:port-allocator (=1.10)
org.jenkins-ci.plugins:port-allocator MAVEN version =1.10 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:port-allocator and may be impacted: - org.jenkins-ci.plugins:android-emulator =$revision651.v471170b2a734, =652.v185536c050...
Jenkins Port Allocator Plugin stores credentials in plain text
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...
Jenkins Port Allocator Cleartext Storage of Credentials Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Jenkins Port Allocator. Authentication is required to exploit this vulnerability. The specific flaw exists within the Port Allocator plugin. The issue results from storing credentials in...
Unspecified Vulnerability in CloudBees Jenkins Port Allocator Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Port Allocator Plugin is used in which a TCP...
CVE-2019-10350
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10350
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10350
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10350
Summary: CVE-2019-10350 affects the CloudBees/Jenkins Port Allocator Plugin. The vulnerability stems from credentials being stored in plaintext in job config.xml files on the Jenkins master, enabling disclosure to users with Extended Read permission or with access to the master filesystem. The CV...