|
199501
|
8.8 |
HIGH
Network
|
jenkins
|
script_security
|
Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies.
|
CWE-863
Incorrect Authorization
|
CVE-2020-2134
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199502
|
6.5 |
MEDIUM
Network
|
jenkins
|
applatix
|
Jenkins Applatix Plugin 1.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the mas…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2133
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199503
|
6.5 |
MEDIUM
Network
|
jenkins
|
parasoft_environment_manager
|
Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission,…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2132
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199504
|
6.5 |
MEDIUM
Network
|
jenkins
|
harvest_scm
|
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to t…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2131
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199505
|
6.5 |
MEDIUM
Network
|
jenkins
|
harvest_scm
|
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2130
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199506
|
6.5 |
MEDIUM
Network
|
jenkins
|
eagle_tester
|
Jenkins Eagle Tester Plugin 1.0.9 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file syste…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2129
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199507
|
4.3 |
MEDIUM
Network
|
jenkins
|
ecx_copy_data_management
|
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or a…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2128
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199508
|
4.3 |
MEDIUM
Network
|
jenkins
|
bmc_release_package_and_deployment
|
Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access t…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2127
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199509
|
4.3 |
MEDIUM
Network
|
jenkins
|
digitalocean
|
Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2126
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199510
|
4.3 |
MEDIUM
Network
|
jenkins
|
debian_package_builder
|
Jenkins Debian Package Builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2125
|
2024-11-21 14:24 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
