Lucene search
+L

394 matches found

snyk
snyk
added 2020/04/17 12:0 a.m.2 views

Malicious Package

Overview alertyplugin-datadog-event is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
snyk
snyk
added 2020/04/17 12:0 a.m.2 views

Malicious Package

Overview datadog-proxy is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using datadog-proxy...

8CVSS6.9AI score
Exploits0References2
snyk
snyk
added 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview alerty-plugin-datadog-event is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
snyk
snyk
added 2020/04/17 12:0 a.m.5 views

Malicious Package

Overview datadogcli is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using datadogcli...

8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2020/04/17 12:0 a.m.2 views

Malicious Package

Overview datadognotifications is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS5.5AI score
Exploits0References2
friendsofphp
friendsofphp
added 2019/09/19 2:0 a.m.18 views

Circumvents open_basedir INI directive

More info at https://github.com/DataDog/dd-trace-php/releases/tag/0.30.0...

7.4AI score
Exploits0Affected Software1
hackerone
hackerone
added 2018/04/30 7:4 p.m.24 views

Shopify: Publicly Accessible Datadog link

During my daily scanning of shopify and shopify's internal domain Shopify.io, I landed on a personal bookmark of an employee: █████████ who works at Guru at Shopify. The link for personal bookmark is here: ███ There is a personal bookmark called ██████████. When going to the link: ████████ it...

0.7AI score
Exploits0
osv
osv
added 2017/10/05 1:29 a.m.18 views

CVE-2017-1000114

The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser...

3.1CVSS6AI score
Exploits0References2
nvd
nvd
added 2017/10/05 1:29 a.m.21 views

CVE-2017-1000114

The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser...

4.3CVSS3.6AI score0.01038EPSS
Exploits0References2
prion
prion
added 2017/10/05 1:29 a.m.14 views

Cross site scripting

The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser...

4.3CVSS3.8AI score0.01038EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2017/10/04 1:0 a.m.19 views

CVE-2017-1000114

The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser...

3.6AI score0.01038EPSS
Exploits0References2
cve
cve
added 2017/10/04 1:0 a.m.68 views

CVE-2017-1000114

CVE-2017-1000114 concerns the Jenkins/Datadog plugin where the API key used to access Datadog was stored in the global Jenkins configuration and transmitted in plain text via the configuration form, potentially exposing the key through browser extensions or XSS. Documents indicate the plugin was ...

4.3CVSS3.7AI score0.01038EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2017/08/17 12:0 a.m.5 views

CloudBees Jenkins Datadog Plugin Information Disclosure Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and a number of timed tasks . Datadog Plugin is one ...

4.3CVSS4AI score0.01038EPSS
Exploits0References1
threatpost
threatpost
added 2016/07/11 3:3 p.m.8 views

Datadog Forces Password Reset Following Breach

Datadog, a software-as-a service-based provider of IT infrastructure monitoring and analytics services, has forced a password reset on all of its user and admin accounts following a breach last Friday. “We have detected unauthorized activity associated with a handful of production infrastructure...

1.1AI score
Exploits0References1
Rows per page
Query Builder