Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-27195 | 1 Jenkins | 1 Parameterized Trigger | 2023-01-30 | 2.1 LOW | 5.5 MEDIUM |
Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files. These values are stored unencrypted and can be viewed by users with access to the Jenkins controller file system. | |||||
CVE-2017-1000084 | 1 Jenkins | 1 Parameterized Trigger | 2019-10-02 | 4.0 MEDIUM | 6.5 MEDIUM |
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins. |