14 matches found
CVE-2026-48918
Technical details about CVE-2026-48918 are not publicly available in the provided documents; monitor for updates from official advisories (e.g., Jenkins security notices) for new information.
CVE-2022-23105
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations...
EUVD-2023-2055
Malicious code in bioql PyPI...
EUVD-2022-5159
Malicious code in bioql PyPI...
EUVD-2022-0561
Malicious code in bioql PyPI...
EUVD-2022-3291
Malicious code in bioql PyPI...
EUVD-2022-4902
Malicious code in bioql PyPI...
CVE-2020-2300
Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server...
CVE-2020-2299
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password...
CVE-2020-2302
A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page...
CVE-2020-2301
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode...
Information Disclosure
Jenkins Active Directory Plugin is vulnerable to Information Disclosure. The vulnerability exists when it ignores the "Require TLS" and "StartTls" options and performs connection test without unencrypted which allows an attacker to gain access to sensitive information in the system...
CVE-2022-23105
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations...
Input validation
An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/activedirectory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/activedirectory/ActiveDirectorySecurityRealm.java,...