Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01M2p3LTRnd2gtbThjbc4AAiOF
Jenkins LDAP Email Plugin shows plain text password in configuration form
Jenkins LDAP Email Plugin transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
Permalink: https://github.com/advisories/GHSA-53jw-4gwh-m8cmJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01M2p3LTRnd2gtbThjbc4AAiOF
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Low
Classification: General
Published: almost 2 years ago
Updated: over 1 year ago
Identifiers: GHSA-53jw-4gwh-m8cm, CVE-2019-10434
References:
- https://nvd.nist.gov/vuln/detail/CVE-2019-10434
- https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1515
- http://www.openwall.com/lists/oss-security/2019/10/01/2
- https://github.com/advisories/GHSA-53jw-4gwh-m8cm
Affected Packages
maven:com.mtvi.plateng.hudson:ldapemail
Dependent packages: 0Dependent repositories: 1
Downloads:
Affected Version Ranges: <= 0.8
No known fixed version
All affected versions: