Maven package
org.jenkins-ci.plugins/lambdatest-automation
pkg:maven/org.jenkins-ci.plugins/lambdatest-automation
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46653 | — | < 1.21.0 | 1.21.0 | Oct 25, 2023 | Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level, potentially resulting in its exposure. | ||
| CVE-2023-46652 | — | < 1.20.10 | 1.20.10 | Oct 25, 2023 | A missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of LAMBDATEST credentials stored in Jenkins. |
- CVE-2023-46653Oct 25, 2023affected < 1.21.0fixed 1.21.0
Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level, potentially resulting in its exposure.
- CVE-2023-46652Oct 25, 2023affected < 1.20.10fixed 1.20.10
A missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of LAMBDATEST credentials stored in Jenkins.