High severity7.5NVD Advisory· Published Feb 12, 2020· Updated Jun 17, 2026
CVE-2020-2114
CVE-2020-2114
Description
Jenkins S3 publisher Plugin 0.11.4 and earlier transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:s3Maven | < 0.11.5 | 0.11.5 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
5- www.openwall.com/lists/oss-security/2020/02/12/3nvdMailing ListThird Party AdvisoryWEB
- github.com/advisories/GHSA-ffr6-8cv5-j637ghsaADVISORY
- jenkins.io/security/advisory/2020-02-12/nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2020-2114ghsaADVISORY
- github.com/jenkinsci/s3-plugin/commit/ee92830bc670b1ab70d19b34fa2ee1a3e0dac12cghsaWEB
News mentions
1- Jenkins Security Advisory 2020-02-12Jenkins Security Advisories · Feb 12, 2020