Credential Exposure Affecting org.jenkins-ci.plugins:skytap package, versions [0,]
Snyk CVSS
Attack Complexity
High
User Interaction
Required
Threat Intelligence
EPSS
0.05% (21st
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-JAVA-ORGJENKINSCIPLUGINS-559582
- published 10 Mar 2020
- disclosed 9 Mar 2020
- credit James Holderness, IB Boost
Introduced: 9 Mar 2020
CVE-2020-2157 Open this link in a new tabHow to fix?
There is no fixed version for org.jenkins-ci.plugins:skytap
.
Overview
org.jenkins-ci.plugins:skytap is a plugin for integrating Jenkins build and deployment processes with Skytap Cloud.
Affected versions of this package are vulnerable to Credential Exposure. It transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.