24 matches found
EUVD-2022-6781
Malicious code in bioql PyPI...
EUVD-2022-6849
Malicious code in bioql PyPI...
CVE-2022-41248
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2022-41247
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
GHSA-J7XV-FC46-HGPG Jenkins BigPanda Notifier Plugin stores BigPanda API key unencrypted
BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file BigpandaGlobalNotifier.xml on the Jenkins controller as part of its configuration. This API key can be viewed by users with access to the Jenkins controller file system. Additionall...
Jenkins BigPanda Notifier Plugin stores BigPanda API key unencrypted
BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file BigpandaGlobalNotifier.xml on the Jenkins controller as part of its configuration. This API key can be viewed by users with access to the Jenkins controller file system. Additionall...
Jenkins BigPanda Notifier Plugin Missing Password Field Masking
BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file BigpandaGlobalNotifier.xml on the Jenkins controller as part of its configuration. This API key can be viewed by users with access to the Jenkins controller file system. Additionall...
GHSA-CPM5-CQR9-7P79 Jenkins BigPanda Notifier Plugin Missing Password Field Masking
BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file BigpandaGlobalNotifier.xml on the Jenkins controller as part of its configuration. This API key can be viewed by users with access to the Jenkins controller file system. Additionall...
CVE-2022-41248
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2022-41247
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-41247
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-41248
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it...
Design/Logic Flaw
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
Design/Logic Flaw
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2022-41248
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2022-41248
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2022-41248
CVE-2022-41248 affects Jenkins BigPanda Notifier Plugin (versions ≤ 1.4.0). The root cause is that the plugin does not mask the BigPanda API key in the global configuration form and stores the API key in plaintext in the Jenkins controller file system (e.g., BigpandaGlobalNotifier.xml). This expo...
CVE-2022-41247
CVE-2022-41247 — Jenkins BigPanda Notifier Plugin : The plugin versions 1.4.0 and earlier store the BigPanda API key unencrypted in the Jenkins controller’s global configuration file (BigpandaGlobalNotifier.xml) and do not mask it in the global configuration form, allowing users with Jenkins cont...
CVE-2022-41247
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-41247
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...