13 matches found
EUVD-2022-5840
Malicious code in bioql PyPI...
EUVD-2022-3383
Malicious code in bioql PyPI...
CVE-2020-2245
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2246
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...
SUSE CVE-2020-2245
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
SUSE CVE-2020-2246
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...
CloudBees Jenkins XSS Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor the continuous software version of the release/test project and some timed execution of the task . LTS is a long-term support for CloudBeesJenkins version...
CVE-2020-2245
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2246
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...
Xxe
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Cross site scripting
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...
CVE-2020-2246
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...
PT-2020-15466 · Jenkins · Jenkins Valgrind Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Valgrind Plugin versions 0.28 and earlier Description: The issue concerns the configuration of the XML parser in the Jenkins Valgrind Plugin, which does not prevent XML external entity XXE attacks. This allows a user who can control t...