Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
Reference…
[com.dubture.jenkins:digitalocean-plugin] Token stored in plain text by DigitalOcean Plugin
Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2126…
[RPD:bmc-rpd] Credential stored in plain text by BMC Release Package and Deployment Plugin
Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. As of publication of this a…
[com.parasoft:environment-manager] Password stored in plain text by Parasoft Environment Manager Plugin
Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
References
htt…
[com.catalogic.ecxjenkins:catalogic-ecx] Password stored in plain text by ECX Copy Data Management Plugin
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
References
https://…
[org.jenkins-ci.plugins:pipeline-githubnotify-step] CSRF vulnerability in Pipeline GitHub Notify Step Plugin allows capturing credentials
A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing cred…
[org.jenkins-ci.plugins:pipeline-build-step] Users with Overall/Read access can enumerate credential IDs in Pipeline GitHub Notify Step Plugin
Pipeline GitHub Notify Step Plugin 1.0.4 and earlier provides a list of applicable credential IDs to allow users configuring the plugin to select the one to use.
This functionality does not correctly check permissions, allowing any user with Overall/Re…
[org.jenkins-ci.plugins:pipeline-githubnotify-step] Missing permission checks in Pipeline GitHub Notify Step Plugin allows capturing credentials
A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, c…
[org.jenkins-ci.plugins:azure-ad] Client secret transmitted in plain text by Azure AD Plugin
Azure AD Plugin stores a client secret in its global configuration.
While the credential is stored encrypted on disk, it is transmitted in plain text as part of the configuration form by Azure AD Plugin 1.1.2 and earlier. This can result in exposure of…
[org.jenkins-ci.plugins:nunit] XXE vulnerability in NUnit Plugin
NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for its post-build step to have Jenkins parse a crafted file that uses external entities fo…