EUVD-2022-4310

Malicious code in bioql PyPI...

EUVD-2022-3470

Malicious code in bioql PyPI...

GHSA-C264-8834-PPJ2 CSRF vulnerability in Jenkins Swarm Plugin

Swarm Plugin adds API endpoints to add or remove agent labels. In Swarm Plugin 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remove labels of any agent. Additionally, these A...

CSRF vulnerability in Jenkins Swarm Plugin

Swarm Plugin adds API endpoints to add or remove agent labels. In Swarm Plugin 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remove labels of any agent. Additionally, these A...

GHSA-J852-MP82-WV2G Improper permission checks in Jenkins Swarm Plugin

Swarm Plugin adds API endpoints to add or remove agent labels. In Swarm Plugin 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remove labels of any agent. Swarm Plugin 3.21...

Improper permission checks in Jenkins Swarm Plugin

Swarm Plugin adds API endpoints to add or remove agent labels. In Swarm Plugin 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remove labels of any agent. Swarm Plugin 3.21...

CVE-2020-2191

Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels...

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels...

CVE-2020-2192

A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels...

CVE-2020-2191

Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels...

CVE-2020-2192

A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels...

PT-2020-15405 · Jenkins · Jenkins Self-Organizing Swarm Plug-In Modules Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Self-Organizing Swarm Plug-in Modules Plugin versions 3.20 and earlier Description: The issue concerns the lack of permission checks on API endpoints that allow adding and removing agent labels. This allows users with Agent/Create...

PT-2020-15406 · Jenkins · Jenkins Self-Organizing Swarm Plug-In Modules Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Self-Organizing Swarm Plug-in Modules Plugin versions 3.20 and earlier Description: A cross-site request forgery issue allows attackers to add or remove agent labels. The Swarm Plugin adds API endpoints to manage agent labels, but in...