GHSA-jx45-xp6q-cwjc

Source

https://github.com/advisories/GHSA-jx45-xp6q-cwjc

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/01/GHSA-jx45-xp6q-cwjc/GHSA-jx45-xp6q-cwjc.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-jx45-xp6q-cwjc

Aliases

CVE-2025-0142

Published

2025-01-30T21:31:23Z

Modified

2025-03-13T19:28:47.330353Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

Jenkins Zoom Plugin Stores Sensitive Information in Cleartext

Details

Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access.

Database specific

{
    "nvd_published_at": "2025-01-30T20:15:33Z",
    "cwe_ids": [
        "CWE-312"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-13T19:19:06Z"
}

References

Affected packages

Maven / io.jenkins.plugins:zoom

Package

Name: io.jenkins.plugins:zoom; View open source insights on deps.dev
Purl: pkg:maven/io.jenkins.plugins/zoom

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4

Affected versions

1.*

1.0

1.1

1.2

1.3