CVE-2021-41111

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to versions 3.4.5 and 3.3.15, an authenticated user with authorization to read webhooks in one project can craft a request to reveal Webhook definitions and tokens in another project. The user...

CVE-2021-41112

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In versions prior to 3.4.5, authenticated users could craft a request to modify or delete System or Project level Calendars, without appropriate authorization. Modifying or removing calendars could...

CVE-2022-31044

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created...

CVE-2019-16556

Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

EUVD-2021-2099

Malware in sbrugna...

EUVD-2020-0365

Malware in sbrugna...

EUVD-2021-1964

Malware in sbrugna...

EUVD-2022-6917

Malicious code in bioql PyPI...

EUVD-2021-28247

Malicious code in bioql PyPI...

EUVD-2023-3065

Malicious code in bioql PyPI...

EUVD-2022-6071

Malicious code in bioql PyPI...

EUVD-2021-28246

Malicious code in bioql PyPI...

EUVD-2022-6688

Malicious code in bioql PyPI...

EUVD-2022-2348

Malicious code in bioql PyPI...

EUVD-2022-4674

Malicious code in bioql PyPI...

EUVD-2022-33580

Malicious code in bioql PyPI...

EUVD-2022-2678

Malicious code in bioql PyPI...

EUVD-2022-4976

Malicious code in bioql PyPI...

EUVD-2023-3008

Malicious code in bioql PyPI...

EUVD-2022-2264

Malicious code in bioql PyPI...