EUVD-2022-6719

Malicious code in bioql PyPI...

CVE-2022-41250

A missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVE-2022-41249

A cross-site request forgery CSRF vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

Jenkins SCM HttpClient Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

PT-2020-15403 · Jenkins · Jenkins Scm Filter Jervis Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins SCM Filter Jervis Plugin versions 0.2.1 and earlier Description: The issue results from the YAML parser not being configured to prevent the instantiation of arbitrary types, leading to a remote code execution vulnerability. This...