CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-41248

Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.7%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2022-41248

Jenkins » Bigpanda Notifier » Version: 1.0

cpe:2.3:a:jenkins:bigpanda_notifier:1.0
Jenkins » Bigpanda Notifier » Version: 1.1

cpe:2.3:a:jenkins:bigpanda_notifier:1.1
Jenkins » Bigpanda Notifier » Version: 1.3.1

cpe:2.3:a:jenkins:bigpanda_notifier:1.3.1
Jenkins » Bigpanda Notifier » Version: 1.3.2

cpe:2.3:a:jenkins:bigpanda_notifier:1.3.2
Jenkins » Bigpanda Notifier » Version: 1.3.3

cpe:2.3:a:jenkins:bigpanda_notifier:1.3.3
Jenkins » Bigpanda Notifier » Version: 1.3.4

cpe:2.3:a:jenkins:bigpanda_notifier:1.3.4
Jenkins » Bigpanda Notifier » Version: 1.4.0

cpe:2.3:a:jenkins:bigpanda_notifier:1.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-41248

Products

Pricing

Contact Us