Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2866

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00988EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 1:14 p.m.10 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.1AI score0.00988EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/05/14 1:9 a.m.23 views

Jenkins Black Duck Detect Plugin information exposure vulnerability

Jenkins Black Duck Detect Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credential...

6.5CVSS6.7AI score0.00988EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2018/06/07 12:0 a.m.6 views

CloudBees Jenkins Black Duck Detect Plugin Information Disclosure Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of U.S. CloudBees, Inc. based on Java development of continuous integration tools , the tool is mainly used to monitor the order of repetitive work . Black Duck Detect Plugin is used in one of the plug-ins for the detection of known securit...

6.5CVSS6.2AI score0.00988EPSS
Exploits0References1
NVD
NVD
added 2018/06/05 8:29 p.m.17 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.3AI score0.00988EPSS
Exploits0References1
OSV
OSV
added 2018/06/05 8:29 p.m.15 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.5AI score
Exploits0References1
CVE
CVE
added 2018/06/05 8:0 p.m.52 views

CVE-2018-1000191

The CVE-2018-1000191 issue affects Jenkins Black Duck Detect Plugin (versions 1.4.0 and older). A flaw in DetectPostBuildStepDescriptor.java lets attackers with Overall/Read access connect to an attacker-specified URL using attacker-specified credentials IDs, enabling capture of credentials store...

6.5CVSS6.2AI score0.00988EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/05 8:0 p.m.17 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.3AI score0.00988EPSS
Exploits0References1
Rows per page
Query Builder