EUVD-2022-6422

Malicious code in bioql PyPI...

CVE-2022-36915

Jenkins Android Signing Plugin 2.2.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

CVE-2022-36915

Jenkins Android Signing Plugin 2.2.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

CVE-2022-36915

CVE-2022-36915 affects Jenkins Android Signing Plugin up to version 2.2.5. The issue is a missing permission check in a form-validation path, allowing a user with Item/Read but without Item/Workspace or Item/Configure to determine whether attacker-specified file patterns match workspace contents....

PT-2022-5836 · Jenkins · Jenkins Android Signing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Android Signing Plugin versions 2.2.5 and earlier Description: The issue is related to a lack of permission check in a method implementing form validation. This allows attackers with Item/Read permission but without Item/Workspace or...

Jenkins Android Signing Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...