CVE-2022-41248
5.3MEDIUMJenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.
게시됨: 9/21/2022업데이트됨: 5/27/2025
설명
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.
AI 분석AI 기반
영향받는 제품
jenkinsbigpanda_notifier
참조
- http://www.openwall.com/lists/oss-security/2022/09/21/5Mailing ListThird Party Advisory
- https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2243Vendor Advisory
- http://www.openwall.com/lists/oss-security/2022/09/21/5Mailing ListThird Party Advisory
- https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2243Vendor Advisory