Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2020-2274
CVE-2020-2274
Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
Published Feb 4, 2026
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-2014
http://www.openwall.com/lists/oss-security/2020/09/16/3
https://github.com/advisories/GHSA-p9rc-x48f-582x
CVSS Score
Medium
5.5
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
org.jenkins-ci.plugins/elastest
0.10.0-beta1
maven
org.jenkins-ci.plugins/elastest
0.10.0-beta2
maven
org.jenkins-ci.plugins/elastest
0.10
maven
org.jenkins-ci.plugins/elastest
0.9.1-beta-1
maven
org.jenkins-ci.plugins/elastest
0.9.1-beta-2
maven
org.jenkins-ci.plugins/elastest
0.9.1-beta-4
maven
org.jenkins-ci.plugins/elastest
0.9.1
maven
org.jenkins-ci.plugins/elastest
1.0-beta1
maven
org.jenkins-ci.plugins/elastest
1.0-beta2
maven
org.jenkins-ci.plugins/elastest
1.0-beta4
maven
org.jenkins-ci.plugins/elastest
1.0-beta5
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta1
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta6
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta7
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta8
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta9
maven
org.jenkins-ci.plugins/elastest
1.0.0
maven
org.jenkins-ci.plugins/elastest
1.0.1
maven
org.jenkins-ci.plugins/elastest
1.1.0
maven
org.jenkins-ci.plugins/elastest
1.2.1
1-20 of 20
CVE-2020-2274 | Components Impacted | Sonatype Guide | Sonatype Guide
