CVE-2019-10397

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-10397

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10397.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-10397

Aliases

GHSA-56gj-927p-mfph

Published

2019-09-12T14:15:11.647Z

Modified

2026-05-30T13:25:24.999863Z

Severity

3.1 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure.

References

Affected packages

Git / github.com/jenkinsci/aqua-serverless-plugin

Affected ranges

Type

GIT

Repo

https://github.com/jenkinsci/aqua-serverless-plugin

Events

Introduced

Last affected

18b9d1d3e283703682487e9d1aa5b13c54345011

Database specific

{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.4"
        }
    ],
    "cpe": "cpe:2.3:a:jenkins:aqua_security_severless_scanner:*:*:*:*:*:jenkins:*:*",
    "source": "CPE_RANGE"
}

Affected versions

aqua-serverless-1.*

aqua-serverless-1.0.0

aqua-serverless-1.0.1

aqua-serverless-1.0.2

aqua-serverless-1.0.3

aqua-serverless-1.0.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10397.json"