Delphix Jenkins Delphix

Do you want an email whenever new security vulnerabilities are reported in Jenkins Delphix?

By the Year

In 2023 there have been 2 vulnerabilities in Jenkins Delphix with an average score of 5.4 out of ten. Delphix did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2023 as compared to last year.

Year Vulnerabilities Average Score
2023 2 5.40
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 7.80
2018 0 0.00

It may take a day or so for new Delphix vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Delphix Security Vulnerabilities

Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup

CVE-2023-40345 6.5 - Medium - August 16, 2023

Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to.

Insufficiently Protected Credentials

A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier

CVE-2023-40344 4.3 - Medium - August 16, 2023

A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

AuthZ

Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they

CVE-2019-10453 7.8 - High - October 16, 2019

Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

Cleartext Storage of Sensitive Information

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Delphix or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

subscribe