CVE-2022-34804

Cleartext Storage of Sensitive Information in Executable in maven/org.jenkins-ci.plugins/opsgenie

Identifiers

GHSA-7r65-pjgv-h2h9, CVE-2022-34804

Package Slug

maven/org.jenkins-ci.plugins/opsgenie

Vulnerability

Cleartext Storage of Sensitive Information in Executable

Description

Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure.

Affected Versions

All versions up to 1.9

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-07-26

source