Skip to main content

Build Notifications

2 CVEs product

Monthly

CVE-2022-34801 Maven MEDIUM This Month

Jenkins Build Notifications Plugin 1.5.0 and earlier transmits tokens in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Build Notifications
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-34800 Maven MEDIUM This Month

Jenkins Build Notifications Plugin 1.5.0 and earlier stores tokens unencrypted in its global configuration files on the Jenkins controller where they can be viewed by users with access to the Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Build Notifications
NVD
CVSS 3.1
4.3
EPSS
0.6%
EPSS 0% CVSS 4.3
MEDIUM This Month

Jenkins Build Notifications Plugin 1.5.0 and earlier transmits tokens in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Build Notifications
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Jenkins Build Notifications Plugin 1.5.0 and earlier stores tokens unencrypted in its global configuration files on the Jenkins controller where they can be viewed by users with access to the Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Build Notifications
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy