14 matches found
EUVD-2022-1944
Malicious code in bioql PyPI...
EUVD-2022-2243
Malicious code in bioql PyPI...
CVE-2020-2262
Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...
GHSA-28X9-HC4P-9VH2 Stored XSS vulnerability in android-lint Plugin
Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...
Stored XSS vulnerability in android-lint Plugin
Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...
GHSA-3VCX-W94H-68VG XXE vulnerability in Jenkins Android Lint Plugin
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
XXE vulnerability in Jenkins Android Lint Plugin
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
CVE-2020-2262
Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...
CVE-2020-2262
Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...
CVE-2020-2262
CVE-2020-2262 affects Jenkins Android Lint Plugin versions 2.6 and earlier. The issue is that the plugin does not escape the annotation message in tooltips, causing a stored XSS vulnerability when an attacker can provide report files to the plugin’s post-build step. Impact is stored XSS in Jenkin...
CloudBees Jenkins Android Lint Plugin Information Disclosure Vulnerability
CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version release/testing projects and some timed tasks.Android Lint Plugin is used in one of the Android static Android Lint...
CVE-2018-1000055
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
CVE-2018-1000055
XXE vulnerability (CVE-2018-1000055) affecting Jenkins Android Lint Plugin 2.5 and earlier. The plugin processes XML in build files, allowing an authenticated Jenkins user to trigger XML External Entity processing and potentially exfiltrate secrets from the Jenkins master, perform server-side req...
CVE-2018-1000055
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...