165 matches found
Jenkins Compuware Topaz for Total Test Plugin 代码问题漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A code issue vulnerability...
Jenkins Compuware Topaz for Total Test Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2022-43428
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...
CVE-2022-43424
Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...
CVE-2022-43423
CVE-2022-43423 concerns the Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin (versions
CVE-2022-43428
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...
CVE-2022-43424
Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...
CVE-2022-43423
Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins...
CVE-2022-43431
Affected software: Jenkins plugins, specifically Jenkins Compuware Strobe Measurement Plugin (versions 1.0.1 and earlier). Root cause: a missing permission check in an HTTP endpoint enables attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins. Impact: information ...
CVE-2022-43424
CVE-2022-43424 affects the Jenkins Compuware Xpediter Code Coverage Plugin (versions 1.0.7 and earlier). The vulnerability arises from an agent/controller message that is not restricted where it can be executed, enabling an attacker who can control agent processes to read Java system properties f...
Jenkins Compuware Topaz for Total Test Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2022-43430
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-43427
CVE-2022-43427 affects Jenkins with the Compuware Topaz for Total Test Plugin 2.4.8 and earlier . The root issue is that several HTTP endpoints do not perform proper permission checks, allowing attackers with Overall/Read to enumerate the credentials IDs stored in Jenkins. This is a credential di...
CVE-2022-43422
Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...
GHSA-G43X-PCC9-F472 Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference
Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to change the contents of the Topaz Workbench CLI home directory on agents to have Jenkins parse a crafted file that uses...
Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference
Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to change the contents of the Topaz Workbench CLI home directory on agents to have Jenkins parse a crafted file that uses...
CVE-2022-41226
Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-41226
Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...