cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-34801,https://securityvulnerability.io/vulnerability/CVE-2022-34801,Information Exposure in Jenkins Build Notifications Plugin by CloudBees,"The Jenkins Build Notifications Plugin prior to version 1.5.0 exposes sensitive tokens in plain text during transmission in the global Jenkins configuration form. This design flaw could allow unauthorized access to these tokens, potentially compromising the security of the Jenkins environment.",Jenkins,Jenkins Build Notifications Plugin,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-30T17:48:09.000Z,0
CVE-2022-34800,https://securityvulnerability.io/vulnerability/CVE-2022-34800,Insecure Token Storage in Jenkins Build Notifications Plugin by Jenkins,"The Jenkins Build Notifications Plugin stores sensitive tokens in an unencrypted format within its global configuration files on the Jenkins controller. This vulnerability allows users with file system access to the Jenkins controller to potentially view these tokens, which may lead to unauthorized actions or information disclosure. Proper security measures should be implemented to safeguard sensitive configuration data from unauthorized access.",Jenkins,Jenkins Build Notifications Plugin,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-30T17:48:04.000Z,0