Description
Jenkins IRC Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Remediation
References
http://www.openwall.com/lists/oss-security/2019/04/12/2
http://www.securityfocus.com/bid/107790
https://jenkins.io/security/advisory/2019-04-03/#SECURITY-829
Related Vulnerabilities
CVE-2023-22580 Vulnerability in npm package @sequelize/core
CVE-2019-10791 Vulnerability in npm package promise-probe
CVE-2022-33683 Vulnerability in maven package org.apache.pulsar:pulsar-broker
CVE-2022-28156 Vulnerability in maven package com.surenpi.jenkins:phoenix-autotest
CVE-2021-38542 Vulnerability in maven package org.apache.james:james-server