Lucene search
+L

8 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2866

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00988EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/22 1:14 p.m.10 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.1AI score0.00988EPSS
Exploits0References1
github
github
added 2022/05/14 1:9 a.m.24 views

Jenkins Black Duck Detect Plugin information exposure vulnerability

Jenkins Black Duck Detect Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credential...

6.5CVSS6.7AI score0.00988EPSS
Exploits0References5Affected Software1
cnvd
cnvd
added 2018/06/07 12:0 a.m.7 views

CloudBees Jenkins Black Duck Detect Plugin Information Disclosure Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of U.S. CloudBees, Inc. based on Java development of continuous integration tools , the tool is mainly used to monitor the order of repetitive work . Black Duck Detect Plugin is used in one of the plug-ins for the detection of known securit...

6.5CVSS6.2AI score0.00988EPSS
Exploits0References1
nvd
nvd
added 2018/06/05 8:29 p.m.18 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.3AI score0.00988EPSS
Exploits0References1
osv
osv
added 2018/06/05 8:29 p.m.16 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.5AI score
Exploits0References1
cvelist
cvelist
added 2018/06/05 8:0 p.m.17 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.3AI score0.00988EPSS
Exploits0References1
cve
cve
added 2018/06/05 8:0 p.m.52 views

CVE-2018-1000191

The CVE-2018-1000191 issue affects Jenkins Black Duck Detect Plugin (versions 1.4.0 and older). A flaw in DetectPostBuildStepDescriptor.java lets attackers with Overall/Read access connect to an attacker-specified URL using attacker-specified credentials IDs, enabling capture of credentials store...

6.5CVSS6.2AI score0.00988EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder