EUVD-2022-4543

Malicious code in bioql PyPI...

CVE-2019-10315

CVE-2019-10315 : Jenkins GitHub Authentication Plugin versions 0.31 and earlier did not validate the OAuth state parameter, enabling CSRF exposure. Exploitation could allow an attacker to capture the OAuth redirect URL and, if the victim is already authenticated in Jenkins, attach the victim’s Je...

CloudBees Jenkins GitHub Authentication Plugin Session Fixation Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . GitHub Authentication Plugin is used in which ...

CVE-2019-1003018

An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser e.g. malicious extension to retrieve the...

CVE-2019-1003018

CVE-2019-1003018 affects Jenkins GitHub Authentication Plugin 0.29 and earlier. The vulnerability lies in GithubSecurityRealm/config.jelly, allowing an attacker who can view a Jenkins administrator’s browser output (or influence the browser via a malicious extension) to retrieve the configured cl...

PT-2019-11316 · Jenkins · Jenkins Gitlab Authentication Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins GitHub Authentication Plugin versions 0.29 and earlier Description: An exposure of sensitive information issue exists that allows attackers, who can view a Jenkins administrator's web browser output or control the browser, to retrieve...