Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser extensions or cross-site scripting vulnerabilities. The Datadog Plugin now encrypts the API key transmitted to administrators viewing the global configuration form.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CloudBees Jenkins Datadog Plugin 安全漏洞
Vulnerability Description
CloudBees Jenkins(前称Hudson Labs)是美国CloudBees公司的一套基于Java开发的持续集成工具,它主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。Datadog Plugin是其中的一个云端服务监控插件。 CloudBees Jenkins Datadog Plugin中存在安全漏洞,该漏洞源于程序以明文的方式传递配置表中的API密钥。远程攻击者可利用该漏洞获取API密钥。
CVSS Information
N/A
Vulnerability Type
N/A