Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2020-2291
CVE-2020-2291
Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
Published Feb 4, 2026
https://www.jenkins.io/security/advisory/2020-10-08/
https://www.jenkins.io/security/advisory/2020-10-08/#SECURITY-2065
http://www.openwall.com/lists/oss-security/2020/10/08/5
https://github.com/advisories/GHSA-jrjr-7rf4-3wqh
CVSS Score
Low
3.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
org.jenkins-ci.plugins/couchdb-statistics
0.2.1
maven
org.jenkins-ci.plugins/couchdb-statistics
0.2
maven
org.jenkins-ci.plugins/couchdb-statistics
0.3
1-3 of 3
CVE-2020-2291 | Components Impacted | Sonatype Guide | Sonatype Guide
