An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS05Njc4LTVmNmYtd3AzZs4AAiCL

Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials

Beaker builder Plugin stored the Beaker password unencrypted on the Jenkins controller. This password could be viewed by users with access to the Jenkins controller file system.

Beaker builder Plugin now stores these credentials encrypted.

Source: GitHub Advisory Database
Origin: Unspecified
Severity: Low
Classification: General
Published: almost 2 years ago
Updated: 4 months ago

CVSS Score: 3.3
CVSS vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Identifiers: GHSA-9678-5f6f-wp3f, CVE-2019-10398
References: Repository:
Blast Radius: 1.0

Affected Packages

Affected Version Ranges: < 1.10
Fixed in: 1.10