Lucene search
China National Vulnerability DatabaseCNVD-2022-16724HistoryFeb 17, 2022 - 12:00 a.m.
Jenkins Pipeline Build Step Plugin Information Disclosure Vulnerability
2022-02-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
28.5%
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.An information disclosure vulnerability exists in Jenkins Pipeline Build Step Plugin 2.15 and earlier versions, which stems from displaying password parameter defaults when using the Pipeline snippet generator to generate pipeline scripts. An attacker could exploit this vulnerability to obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins pipeline build step plugin | le | 2.15 |
Related
osv
osv
cvelist
cvelist
CVE-2022-25184
2022-02-15 16:11:08
nvd
nvd
CVE-2022-25184
2022-02-15 17:15:09
cve
cve
CVE-2022-25184
2022-02-15 17:15:09
veracode
veracode
Sensitive Information Disclosure
2022-04-21 00:43:03
github
github
redhatcve
redhatcve
CVE-2022-25184
2022-02-17 17:01:28
prion
prion
Default credentials
2022-02-15 17:15:00
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.10.6 (RHSA-2022:1025)
2022-03-29 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.6.57 (RHSA-2022:1620)
2022-05-04 00:00:00
RHEL 8 : OpenShift Container Platform 4.7.48 (RHSA-2022:1248)
2022-04-13 00:00:00
redhat
redhat