cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-41248,https://securityvulnerability.io/vulnerability/CVE-2022-41248,Insufficient API Key Protection in BigPanda Notifier Plugin for Jenkins,"The BigPanda Notifier Plugin for Jenkins fails to adequately mask the BigPanda API key in its global configuration settings. This oversight enables malicious actors to potentially view and capture the API key, posing a substantial risk to system security and the integrity of the API.",Jenkins,Jenkins Bigpanda Notifier Plugin,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-09-21T15:46:06.000Z,0
CVE-2022-41247,https://securityvulnerability.io/vulnerability/CVE-2022-41247,Exposure of API Key in Jenkins BigPanda Notifier Plugin by Jenkins,"The Jenkins BigPanda Notifier Plugin prior to version 1.4.0 stores the BigPanda API key in an unencrypted format within the global configuration file on the Jenkins controller. This design flaw allows users with access to the Jenkins controller file system to view sensitive API keys, potentially leading to unauthorized access and data exposure.",Jenkins,Jenkins Bigpanda Notifier Plugin,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-09-21T15:46:05.000Z,0