15 matches found
EUVD-2025-20848
Malicious code in bioql PyPI...
EUVD-2025-20847
Malicious code in bioql PyPI...
The vulnerability of the Dead Man’s Snitch plugin in Jenkins servers, related to the storage of tokens in unencrypted form, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Dead Man’s Snitch plugin in the Jenkins automation server lies in the fact that tokens are stored in an unencrypted form in the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...
CVE-2025-53667
Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
GHSA-M248-72RH-CPX4 Jenkins Dead Man's Snitch Plugin vulnerability does not mask tokens
Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
Jenkins Dead Man's Snitch Plugin vulnerability does not mask tokens
Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-53666
Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2025-53667
Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-53667
Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-53666
CVE-2025-53666 affects Jenkins Dead Man's Snitch Plugin 0.1. The plugin stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, enabling viewing by users with Item/Extended Read permission or access to the controller filesystem. This is corroborated by multi...
CVE-2025-53666
Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
Jenkins plugin Dead Man s Snitch 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
Jenkins plugin Dead Man s Snitch 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
PT-2025-28918 · Jenkins · Jenkins Dead Man'S Snitch Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dead Man's Snitch Plugin version 0.1 Description: The Jenkins Dead Man's Snitch Plugin version 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller. This allows users with Item/Extended Rea...
PT-2025-28919 · Jenkins · Jenkins Dead Man'S Snitch Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Dead Man's Snitch Plugin version 0.1 Description: The Jenkins Dead Man's Snitch Plugin does not mask Dead Man's Snitch tokens displayed on the job configuration form, potentially allowing attackers to observe and capture them...