3 matches found
EUVD-2022-4002
Malicious code in bioql PyPI...
PT-2019-11387 · Jenkins · Jenkins Crowd Integration Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Crowd Integration Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global config.xml configuration file on the Jenkins master. This allows users with...
CVE-2018-1000422
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings...