Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.jenkins-ci.plugins/bumblebee@4.1.5
purl pkg:maven/org.jenkins-ci.plugins/bumblebee@4.1.5
Next non-vulnerable version 4.1.6
Latest non-vulnerable version 4.1.6
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-7fep-hazu-2fgt
Aliases:
CVE-2021-21614
GHSA-8v72-qr3h-c6rv
Credentials stored in plain text by Jenkins Bumblebee HP ALM Plugin Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file `com.agiletestware.bumblebee.BumblebeeGlobalConfig.xml` on the Jenkins controller as part of its configuration. These credentials can be viewed by users with access to the Jenkins controller file system. Jenkins Bumblebee HP ALM Plugin 4.1.6 stores credentials encrypted once its configuration is saved again.
4.1.6
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-02T12:37:50.726104+00:00 GitLab Importer Affected by VCID-7fep-hazu-2fgt https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.plugins/bumblebee/CVE-2021-21614.yml 38.0.0
2026-04-01T16:01:55.777301+00:00 GHSA Importer Affected by VCID-7fep-hazu-2fgt https://github.com/advisories/GHSA-8v72-qr3h-c6rv 38.0.0