Total
1025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-2133 | 1 Jenkins | 1 Applatix | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Applatix Plugin 1.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-16556 | 1 Jenkins | 1 Rundeck | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-1003097 | 1 Jenkins | 1 Crowd Integration | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Crowd Integration Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-10385 | 1 Jenkins | 1 Eggplant | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins eggPlant Plugin 2.2 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2020-2164 | 1 Jfrog | 1 Artifactory | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system. | |||||
| CVE-2021-21634 | 1 Jenkins | 1 Jabber \(xmpp\) Notifier And Control | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Jabber (XMPP) notifier and control Plugin 1.41 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | |||||
| CVE-2019-10419 | 1 Jenkins | 1 Vfabric Application Director | 2023-10-25 | 2.1 LOW | 5.5 MEDIUM |
| Jenkins vFabric Application Director Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-10460 | 1 Jenkins | 1 Bitbucket Oauth | 2023-10-25 | 2.1 LOW | 7.8 HIGH |
| Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | |||||
| CVE-2019-16544 | 1 Qmetry | 1 Jenkins Qmetry For Jira | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2020-2314 | 1 Jenkins | 1 Appspider | 2023-10-25 | 2.1 LOW | 5.5 MEDIUM |
| Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | |||||
| CVE-2019-10398 | 1 Jenkins | 1 Beaker Builder | 2023-10-25 | 2.1 LOW | 5.5 MEDIUM |
| Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | |||||
| CVE-2019-10378 | 1 Jenkins | 1 Testlink | 2023-10-25 | 2.1 LOW | 5.3 MEDIUM |
| Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2020-2319 | 1 Jenkins | 1 Vmware Lab Manager Slaves | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | |||||
| CVE-2019-10291 | 1 Jenkins | 1 Netsparker Cloud Scan | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | |||||
| CVE-2019-10298 | 1 Jenkins | 1 Koji | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-10429 | 1 Jenkins | 1 Gitlab Logo | 2023-10-25 | 2.1 LOW | 5.5 MEDIUM |
| Jenkins GitLab Logo Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-10277 | 1 Jenkins | 1 Starteam | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins StarTeam Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-10415 | 1 Jenkins | 1 Violation Comments To Gitlab | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Violation Comments to GitLab Plugin 2.28 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | |||||
| CVE-2019-10476 | 1 Jenkins | 1 Zulip | 2023-10-25 | 2.1 LOW | 7.8 HIGH |
| Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | |||||
| CVE-2020-2212 | 1 Jenkins | 1 Github Coverage Reporter | 2023-10-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins GitHub Coverage Reporter Plugin 1.8 and earlier stores secrets unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system or read permissions on the system configuration. | |||||