• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-522

CVE-2020-2212

February 26, 2023 by

Jenkins GitHub Coverage Reporter Plugin 1.8 and earlier stores secrets unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system or read permissions on the system configuration.

CVE-2020-2198

February 26, 2023 by

Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the ‘getConfigAsXML’ API URL when transmitting job config.xml data to users without Job/Configure.

CVE-2020-21994

February 26, 2023 by

AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack.

CVE-2020-2181

February 26, 2023 by

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps.

CVE-2020-2182

February 26, 2023 by

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances.

CVE-2020-2164

February 26, 2023 by

Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 32
  • Go to page 33
  • Go to page 34
  • Go to page 35
  • Go to page 36
  • Interim pages omitted …
  • Go to page 117
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE