18 matches found
RHCOS 4 : OpenShift Container Platform 4.1 jenkins-2-plugins (RHSA-2019:1636)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1636 advisory. - jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin SECURITY-1322 CVE-2019-10320 -...
EUVD-2021-1323
Malware in sbrugna...
EUVD-2024-2957
Malicious code in bioql PyPI...
EUVD-2022-5823
Malicious code in bioql PyPI...
CVE-2024-47805
Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials using the SecretBytes type when accessing item config.xml via REST API or CLI...
CVE-2024-47805
Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials using the SecretBytes type when accessing item config.xml via REST API or CLI...
CVE-2024-47805
Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials using the SecretBytes type when accessing item config.xml via REST API or CLI...
credentials: Stored XSS vulnerabilities in jenkins plugin
A flaw was found in the Jenkins credentials plugin. The Jenkins credentials plugin does not escape the name and description of Credentials parameters on views displaying parameters. This issue results in a stored Cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure...
GHSA-XM94-9JW8-P6HW Insertion of Sensitive Information into Externally-Accessible File or Directory in Jenkins Credentials Plugin
Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS12 certificate...
credentials: Stored XSS vulnerabilities in jenkins plugin
A flaw was found in the Jenkins credentials plugin. The Jenkins credentials plugin does not escape the name and description of Credentials parameters on views displaying parameters. This issue results in a stored Cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure...
GHSA-CWCF-5M5W-MQ2W Exposure of Sensitive Information to an Unauthorized Actor in Jenkins SSH Credentials Plugin
A arbitrary file read vulnerability exists in Jenkins SSH Credentials Plugin 1.13 and earlier in BasicSSHUserPrivateKey.java that allows attackers with a Jenkins account and the permission to configure credential bindings to read arbitrary files from the Jenkins master file system...
Jenkins Credentials Plugin跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...
CVE-2022-29036
Jenkins Credentials Plugin 1111.v35a307992395 and earlier, except 1087.1089.v2f1b9ab040e4, 1074.1076.v39c30cecb0e2, and 2.6.1.1, does not escape the name and description of Credentials parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability...
GHSA-GCHQ-9R68-6JWV Cross-Site Request Forgery in Jenkins Credentials Plugin
Jenkins Credentials Plugin prior to 2.3.19, 2.3.15.1, 2.3.14.1, 2.3.13.1, 2.3.7.1, and 2.3.0.1 does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting XSS vulnerability. Jenkins Credentials Plugin 2.3.19, 2.3.15.1, 2.3.14.1, 2.3.13.1,...
Jenkins Credentials Plugin 跨站脚本漏洞
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...
jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)
Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS12 certificate...
Fedora Update for jenkins-credentials-plugin FEDORA-2016-f3b40fcbc3
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 21 Update: jenkins-credentials-plugin-1.18-2.fc21
This package provides Jenkins credentials plugin...