CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/05/23 6:43 a.m.•8 views

CVE-2024-47805

Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials using the SecretBytes type when accessing item config.xml via REST API or CLI...

7.5CVSS6.8AI score0.00242EPSS

Exploits0References1

Github Security Blog•added 2024/10/02 6:31 p.m.•26 views

Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission

Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials using the SecretBytes type e.g., Certificate credentials, or Secret file credentials from Plain Credentials Plugin when accessing item config.xml via REST API...

7.5CVSS6.9AI score0.00242EPSS

Exploits0References3Affected Software1

NVD•added 2024/10/02 4:15 p.m.•32 views

CVE-2024-47805

7.5CVSS0.00242EPSS

Exploits0References1

Vulnrichment•added 2024/10/02 3:35 p.m.•18 views

CVE-2024-47805

7.1AI score0.00242EPSS

Exploits0References1

Positive Technologies•added 2024/10/02 12:0 a.m.•3 views

PT-2024-32821 · Jenkins · Credentials Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Plugin versions 1380.va 435002fa 924 and earlier, except version 1371.1373.v4eb fa b 7161e9 Description: The issue concerns the Jenkins Credentials Plugin, which does not redact encrypted values of credentials using the...

7.5CVSS7AI score0.00242EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by