Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2021-21614
CVE-2021-21614
Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Published Feb 3, 2026
https://github.com/advisories/GHSA-8v72-qr3h-c6rv
CVSS Score
Medium
5.5
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
org.jenkins-ci.plugins/bumblebee
3.0.0
maven
org.jenkins-ci.plugins/bumblebee
3.0.1
maven
org.jenkins-ci.plugins/bumblebee
3.0.2
maven
org.jenkins-ci.plugins/bumblebee
3.0.3
maven
org.jenkins-ci.plugins/bumblebee
4.0.0
maven
org.jenkins-ci.plugins/bumblebee
4.0.1
maven
org.jenkins-ci.plugins/bumblebee
4.0.2
maven
org.jenkins-ci.plugins/bumblebee
4.0.3
maven
org.jenkins-ci.plugins/bumblebee
4.0.4
maven
org.jenkins-ci.plugins/bumblebee
4.0.5
maven
org.jenkins-ci.plugins/bumblebee
4.0.6
maven
org.jenkins-ci.plugins/bumblebee
4.0.7
maven
org.jenkins-ci.plugins/bumblebee
4.0.8
maven
org.jenkins-ci.plugins/bumblebee
4.0.9
maven
org.jenkins-ci.plugins/bumblebee
4.1.0
maven
org.jenkins-ci.plugins/bumblebee
4.1.1
maven
org.jenkins-ci.plugins/bumblebee
4.1.2
maven
org.jenkins-ci.plugins/bumblebee
4.1.3
maven
org.jenkins-ci.plugins/bumblebee
4.1.4
maven
org.jenkins-ci.plugins/bumblebee
4.1.5
1-20 of 20
CVE-2021-21614 | Components Impacted | Sonatype Guide | Sonatype Guide
