Description
Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain text as part of the global Jenkins configuration form and job configuration forms, potentially resulting in their exposure.
Remediation
References
https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1877
Related Vulnerabilities
CVE-2022-22984 Vulnerability in npm package snyk
CVE-2018-1199 Vulnerability in maven package org.springframework.security:spring-security-config
CVE-2023-30541 Vulnerability in npm package @openzeppelin/contracts
CVE-2015-0226 Vulnerability in maven package org.apache.ws.security:wss4j
CVE-2018-11775 Vulnerability in maven package org.apache.activemq:activemq-core