14 matches found
CVE-2020-2151
Jenkins Quality Gates Plugin 2.5 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...
GHSA-GVCJ-72H4-8XM9 Jenkins Quality Gates Plugin transmits credentials in plain text during configuration
Quality Gates Plugin stores credentials in its global configuration file quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form b...
GHSA-6FH3-XHWG-7HFH Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration
Sonar Quality Gates Plugin stores credentials in its global configuration file org.quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the...
Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration
Sonar Quality Gates Plugin stores credentials in its global configuration file org.quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the...
Jenkins Quality Gates Plugin transmits credentials in plain text during configuration
Quality Gates Plugin stores credentials in its global configuration file quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form b...
Unspecified Vulnerability in CloudBees Jenkins Quality Gates Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . Quality Gates Plugin is used in which a...
CVE-2020-2150
Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...
CVE-2020-2151
Jenkins Quality Gates Plugin 2.5 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...
CVE-2020-2150
Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...
CVE-2020-2151
Jenkins Quality Gates Plugin 2.5 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...
CVE-2020-2151
CVE-2020-2151 affects Jenkins Quality Gates Plugin versions 2.5 and earlier. The root cause is that credentials configured in the plugin’s global Jenkins configuration form are transmitted in plain text, potentially exposing them (e.g., via browser extensions or similar vectors). Impact stated as...
CVE-2020-2150
CVE-2020-2150 affects Jenkins Sonar Quality Gates Plugin versions 1.3.1 and earlier. The issue arises because credentials are stored encrypted on disk in GlobalConfig.xml but transmitted in plain text via the plugin’s global configuration form, potentially exposing them (e.g., through browser ext...
PT-2020-15362 · Jenkins · Jenkins Quality Gates Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Quality Gates Plugin versions 2.5 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of the global Jenkins configuration form. This potentially results in their exposure. The...
PT-2020-15361 · Jenkins · Jenkins Sonar Quality Gates Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Sonar Quality Gates Plugin versions 1.3.1 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...