12 matches found
EUVD-2022-4569
Malicious code in bioql PyPI...
CVE-2019-10420
Jenkins Assembla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2023-30521
A missing permission check in Jenkins Assembla merge request builder Plugin 1.1.13 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository...
Jenkins Assembla Plugin has Insufficiently Protected Credentials
Assembla Plugin stores the Assembla password unencrypted in its global configuration file jenkins.plugin.assembla.AssemblaProjectProperty.xml on the Jenkins controller. This password can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, ther...
GHSA-MHQ6-H9M7-WQ8C Jenkins Assembla Plugin has Insufficiently Protected Credentials
Assembla Plugin stores the Assembla password unencrypted in its global configuration file jenkins.plugin.assembla.AssemblaProjectProperty.xml on the Jenkins controller. This password can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, ther...
com.buildcoin.plugins.jenkins:buildcoin-plugin (>=1.0 <=1.4), com.coravy.hudson.plugins.github:github (>=1.1 <=1.8) +99 more potentially affected by CVE-2012-0785 via org.jenkins-ci.main:jenkins-core (>=1.425 <=1.446)
org.jenkins-ci.main:jenkins-core MAVEN version =1.425, =1.0, =1.1, =0.3.2, =1.1, =1.0, =0.1, =1.1, =0.2.5, =1.425, =1.425, =1.425, =1.425, =1.446 and more Source cves: CVE-2012-0785 Source advisory: OSV:GHSA-PCHP-C5W8-47GC...
CloudBees Jenkins Assembla Plugin Password Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dependency Graph Viewer Plugin is used in...
CVE-2019-10420
Jenkins Assembla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10420
Jenkins Assembla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10420
Jenkins Assembla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10420
The CVE-2019-10420 affects the Jenkins Assembla Plugin, which stores the Assembla password unencrypted in the plugin’s global configuration file (jenkins.plugin.assembla.AssemblaProjectProperty.xml) on the Jenkins controller. This allows anyone with access to the Jenkins master/file system to vie...
PT-2019-11814 · Jenkins · Jenkins Assembla Auth Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Assembla Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins Assembla Plugin on the Jenkins master or controlle...