16 matches found
EUVD-2022-3950
Malicious code in bioql PyPI...
EUVD-2022-5429
Malicious code in bioql PyPI...
CVE-2019-10427
Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
CVE-2019-10316
Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
Jenkins Aqua MicroScanner Plugin stored credentials in plain text
Jenkins Aqua MicroScanner Plugin stored credentials unencrypted in its global configuration file on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. Aqua MicroScanner Plugin now stores credentials encrypted...
CloudBees Jenkins Aqua MicroScanner Plugin Elevation of Privilege Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dependency Graph Viewer Plugin is used in...
CVE-2019-10427
Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
CVE-2019-10427
Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
Code injection
Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
PT-2019-11821 · Jenkins · Jenkins Aqua Microscanner Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Aqua MicroScanner Plugin version 1.0.7 and earlier Description: The issue involves the transmission of configured credentials in plain text as part of the global Jenkins configuration form, potentially leading to their exposure...
CVE-2019-10316
Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10316
Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10316
Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...
CVE-2019-10316
The vulnerability CVE-2019-10316 affects Jenkins Aqua MicroScanner Plugin versions 1.0.5 and earlier. The root cause is that credentials were stored unencrypted in the plugin’s global configuration file on the Jenkins master/controller, allowing any user with filesystem access to view them. Explo...
PT-2019-11718 · Jenkins · Jenkins Aqua Microscanner Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Aqua MicroScanner Plugin versions 1.0.5 and earlier Description: The issue concerns the storage of credentials in the Jenkins Aqua MicroScanner Plugin. Specifically, the plugin stored credentials unencrypted in its global configuratio...