|
209661
|
4.3 |
MEDIUM
Network
|
jenkins
|
deployhub
|
Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-2156
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209662
|
5.3 |
MEDIUM
Network
|
jenkins
|
openshift_deployer
|
Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-2155
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209663
|
5.5 |
MEDIUM
Local
|
jenkins
|
zephyr_for_jira_test_management
|
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-2154
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209664
|
4.3 |
MEDIUM
Network
|
jenkins
|
backlog
|
Jenkins Backlog Plugin 2.4 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-2153
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209665
|
6.1 |
MEDIUM
Network
|
jenkins
|
subversion_release_manager
|
Jenkins Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-2152
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209666
|
5.3 |
MEDIUM
Network
|
jenkins
|
quality_gates
|
Jenkins Quality Gates Plugin 2.5 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-2151
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209667
|
5.3 |
MEDIUM
Network
|
jenkins
|
sonar_quality_gates
|
Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-2150
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209668
|
5.3 |
MEDIUM
Network
|
jenkins
|
repository_connector
|
Jenkins Repository Connector Plugin 1.2.6 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-2149
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209669
|
4.3 |
MEDIUM
Network
|
jenkins
|
mac
|
A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.
|
CWE-863
Incorrect Authorization
|
CVE-2020-2148
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209670
|
4.3 |
MEDIUM
Network
|
jenkins
|
mac
|
A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
|
CWE-352
Origin Validation Error
|
CVE-2020-2147
|
2024-11-21 14:24 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
