Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:10 p.m.30 views

Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration

Sonar Quality Gates Plugin stores credentials in its global configuration file org.quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the...

5.3CVSS5AI score0.00614EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/24 5:10 p.m.14 views

GHSA-6FH3-XHWG-7HFH Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration

Sonar Quality Gates Plugin stores credentials in its global configuration file org.quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the...

3.1CVSS5AI score0.00614EPSS
Exploits0References4
NVD
NVD
added 2020/03/09 4:15 p.m.32 views

CVE-2020-2150

Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...

5.3CVSS5.3AI score0.00614EPSS
Exploits0References2
OSV
OSV
added 2020/03/09 4:15 p.m.13 views

CVE-2020-2150

Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...

5.3CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder