Aqua Security Scanner

aqua_security_scanner

Vendor: Jenkins • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-53653 1Jenkins 1Aqua Security Scanner Nov 4, 2025 Jul 9, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permissio...Show more Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.Show less
CVE-2019-10428 1Jenkins 1Aqua Security Scanner Nov 21, 2024 Sep 25, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
CVE-2019-1003069 1Jenkins 1Aqua Security Scanner Nov 21, 2024 Apr 4, 2019 N/A· v4 8.8 HIGH· v3 4.0 MEDIUM· v2 Jenkins Aqua Security Scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.