Search for packages
| purl | pkg:maven/de.tracetronic.jenkins.plugins/ecutest@2.24 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-aver-ae34-63e3 | Credentials stored in plain text by Jenkins TraceTronic ECU-TEST Plugin Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file `de.tracetronic.jenkins.plugins.ecutest.report.atx.installation.ATXInstallation.xml` on the Jenkins controller as part of its configuration. These credentials can be viewed by users with access to the Jenkins controller file system. Jenkins TraceTronic ECU-TEST Plugin 2.24 adds a new option type for sensitive options. Previously stored credentials are migrated to that option type on Jenkins startup. |
CVE-2021-21612
GHSA-qvjr-x8fw-hghv |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-03T21:26:13.125810+00:00 | GitLab Importer | Fixing | VCID-aver-ae34-63e3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/de.tracetronic.jenkins.plugins/ecutest/CVE-2021-21612.yml | 38.1.0 |
| 2026-04-01T16:01:55.840336+00:00 | GHSA Importer | Fixing | VCID-aver-ae34-63e3 | https://github.com/advisories/GHSA-qvjr-x8fw-hghv | 38.0.0 |
| 2026-04-01T13:08:12.875873+00:00 | GithubOSV Importer | Fixing | VCID-aver-ae34-63e3 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qvjr-x8fw-hghv/GHSA-qvjr-x8fw-hghv.json | 38.0.0 |