Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-12 | CVE-2023-30513 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Kubernetes Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 |
| 2023-04-12 | CVE-2023-30514 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Azure KEY Vault Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 |
| 2023-04-12 | CVE-2023-30515 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Thycotic Devops Secrets Vault 1.0.0 Jenkins Thycotic DevOps Secrets Vault Plugin 1.0.0 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 |
| 2023-04-06 | CVE-2023-1802 | Cleartext Transmission of Sensitive Information vulnerability in Docker Desktop 4.17.0/4.17.1 In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted network sniffing attack can lead to a disclosure of sensitive information. | 7.5 |
| 2023-04-03 | CVE-2023-0922 | Cleartext Transmission of Sensitive Information vulnerability in Samba The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. | 5.9 |
| 2023-03-29 | CVE-2023-1656 | Cleartext Transmission of Sensitive Information vulnerability in Forgerock Ldap Connector Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. | 7.5 |
| 2023-03-27 | CVE-2023-27927 | Cleartext Transmission of Sensitive Information vulnerability in Sauter-Controls Ey-As525F001 Firmware An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. | 6.5 |
| 2023-03-02 | CVE-2023-0053 | Cleartext Transmission of Sensitive Information vulnerability in Sauter-Controls products SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. | 7.5 |
| 2023-02-23 | CVE-2023-23914 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. | 9.1 |
| 2023-02-23 | CVE-2023-23915 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. | 6.5 |