Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/de.tracetronic.jenkins.plugins/ecutest@2.23.1
purl pkg:maven/de.tracetronic.jenkins.plugins/ecutest@2.23.1
Next non-vulnerable version 2.24
Latest non-vulnerable version 2.24
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-aver-ae34-63e3
Aliases:
CVE-2021-21612
GHSA-qvjr-x8fw-hghv
Credentials stored in plain text by Jenkins TraceTronic ECU-TEST Plugin Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file `de.tracetronic.jenkins.plugins.ecutest.report.atx.installation.ATXInstallation.xml` on the Jenkins controller as part of its configuration. These credentials can be viewed by users with access to the Jenkins controller file system. Jenkins TraceTronic ECU-TEST Plugin 2.24 adds a new option type for sensitive options. Previously stored credentials are migrated to that option type on Jenkins startup.
2.24
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-03T21:26:13.122491+00:00 GitLab Importer Affected by VCID-aver-ae34-63e3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/de.tracetronic.jenkins.plugins/ecutest/CVE-2021-21612.yml 38.1.0
2026-04-01T16:01:55.836995+00:00 GHSA Importer Affected by VCID-aver-ae34-63e3 https://github.com/advisories/GHSA-qvjr-x8fw-hghv 38.0.0