Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Deploy to container Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins master local file system access, or users with Extended Read access to the jobs it is used in, to retrieve those passwords. The Deploy to container Plugin now integrates with Credentials Plugin to store passwords securely, and automatically migrates existing passwords.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CloudBees Jenkins Deploy to Container插件信息泄露漏洞
Vulnerability Description
CloudBees Jenkins(前称Hudson Labs)是美国CloudBees公司的一套基于Java开发的持续集成工具,它主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。Deploy to Container Plugin是其中的一个部署插件。 CloudBees Jenkins Deploy to Container插件1.12及之前的版本中存在信息泄露漏洞,该漏洞源于程序没有加密存储在配置中的密码。攻击者可利用该漏洞检索密码。
CVSS Information
N/A
Vulnerability Type
N/A