Maven package
org.jenkins-ci.plugins/parameterized-trigger
pkg:maven/org.jenkins-ci.plugins/parameterized-trigger
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-27195 | — | < 2.43.1 | 2.43.1 | Mar 15, 2022 | Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files. These values are stored unencrypted and can be viewed by us | ||
| CVE-2017-1000084 | Med | 6.5 | < 2.35.1 | 2.35.1 | Oct 5, 2017 | Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins. |
- CVE-2022-27195Mar 15, 2022affected < 2.43.1fixed 2.43.1
Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files. These values are stored unencrypted and can be viewed by us
- affected < 2.35.1fixed 2.35.1
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins.