CVE-2020-2232

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-2232
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-2232.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-2232
Aliases
Published
2020-08-12T14:15:13.330Z
Modified
2026-03-15T22:34:52.095553Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.

References

Affected packages

Git / github.com/jenkinsci/email-ext-plugin

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/email-ext-plugin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d4308ca77b9b23b3281c08d4cc0ff325b60ba0d7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
45fe36d67241767f5a61b1b81e07ee9bf5402487
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.72"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.73"
        }
    ]
}

Affected versions

email-ext-2.*
email-ext-2.11
email-ext-2.12
email-ext-2.13
email-ext-2.14
email-ext-2.15
email-ext-2.16
email-ext-2.17
email-ext-2.18
email-ext-2.19
email-ext-2.20
email-ext-2.21
email-ext-2.22
email-ext-2.24
email-ext-2.24.1
email-ext-2.25
email-ext-2.27
email-ext-2.27.1
email-ext-2.28
email-ext-2.29
email-ext-2.30
email-ext-2.30.1
email-ext-2.30.2
email-ext-2.31
email-ext-2.32
email-ext-2.33
email-ext-2.34
email-ext-2.35
email-ext-2.35.1
email-ext-2.36
email-ext-2.37
email-ext-2.37.1
email-ext-2.37.2
email-ext-2.38
email-ext-2.38.1
email-ext-2.39
email-ext-2.40
email-ext-2.40.1
email-ext-2.40.2
email-ext-2.40.3
email-ext-2.40.4
email-ext-2.40.5
email-ext-2.41
email-ext-2.41.2
email-ext-2.42
email-ext-2.43
email-ext-2.44
email-ext-2.45
email-ext-2.46
email-ext-2.47
email-ext-2.48
email-ext-2.49
email-ext-2.50
email-ext-2.51
email-ext-2.52
email-ext-2.53
email-ext-2.54
email-ext-2.55
email-ext-2.56
email-ext-2.57
email-ext-2.57.1
email-ext-2.57.2
email-ext-2.58
email-ext-2.59
email-ext-2.60
email-ext-2.61
email-ext-2.62
email-ext-2.63
email-ext-2.64
email-ext-2.65
email-ext-2.66
email-ext-2.67
email-ext-2.68
email-ext-2.69
email-ext-2.71
email-ext-2.72

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-2232.json"