38 matches found
EUVD-2017-7713
Malware in sbrugna...
EUVD-2017-7714
Malware in sbrugna...
EUVD-2017-7942
Malware in sbrugna...
EUVD-2017-7943
Malware in sbrugna...
CVE-2019-10411
Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
CVE-2018-1999035
A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to...
GHSA-PXV2-MFQ7-VHP6 Jenkins Inedo BuildMaster Plugin showed plain text password in configuration form
Jenkins Inedo BuildMaster Plugin Plugin stores a service password in its global Jenkins configuration. While the password is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the password through browser extensions,...
Jenkins Inedo BuildMaster Plugin showed plain text password in configuration form
Jenkins Inedo BuildMaster Plugin Plugin stores a service password in its global Jenkins configuration. While the password is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the password through browser extensions,...
Jenkins Inedo BuildMaster Plugin globally and unconditionally disabled SSL/TLS certificate validation
A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to...
Unspecified Vulnerability in CloudBees Jenkins Inedo BuildMaster Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . Inedo BuildMaster Plugin is used in one of...
Code injection
Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
CVE-2019-10411
Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
PT-2019-11805 · Jenkins · Jenkins Inedo Buildmaster Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Inedo BuildMaster Plugin versions 2.4.0 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of the global Jenkins configuration form, potentially leading to their exposure...
CloudBees Jenkins Inedo BuildMaster Plugin SSL/TLS Certificate Validation Vulnerability
CloudBees Jenkins is a Java-based continuous integration tool from CloudBees, which is mainly used to monitor continuous software version release/testing projects and some timed tasks.Inedo BuildMaster Plugin is used in which a plugin from BuildMaster collects version information and triggers a...
CVE-2018-1999035
The CVE-2018-1999035 entry concerns Jenkins Inedo BuildMaster Plugin (versions 1.3 and earlier). The connected sources describe a man-in-the-middle vulnerability that enables an attacker to impersonate any service that Jenkins connects to, affecting the plugin’s components BuildMasterConfiguratio...
CVE-2018-1999035
A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to...
Inedo BuildMaster Cross-Site Scripting Vulnerability
Inedo BuildMaster is a suite of automated deployment software from Inedo USA. The software integrates a variety of tools to automate the deployment of application suites. A cross-site scripting vulnerability exists in versions of Inedo BuildMaster prior to 5.8.2. A remote attacker can exploit thi...
Inedo BuildMaster Elevation of Privilege Vulnerability
Inedo BuildMaster is a suite of automated deployment software from Inedo USA. The software integrates a variety of tools to automate the deployment of application suites. A security vulnerability exists in versions of Inedo BuildMaster prior to 5.8.2 that stems from the program failing to properl...
Unspecified Vulnerability in Inedo BuildMaster
Inedo BuildMaster is a suite of automated deployment software from Inedo Japan. The software integrates a variety of tools to automate the deployment of application suites. A security vulnerability exists in versions of Inedo BuildMaster prior to 5.8.2, which stems from the program using...
Inedo BuildMaster Open Redirect Vulnerability
BuildMaster is a modern application release automation tool for creating simple or complex release pipelines for any organizational need. An open redirection vulnerability exists in Inedo BuildMaster versions prior to 5.8.2. A remote attacker can exploit this vulnerability to redirect users to...