
127 matches found

OSSF Malicious Packages
added 2026/05/26 1:8 p.m. · 13 views

Malicious code in vectordb-engine (PyPI)

Source: amazon-inspector 42695503b90ec4adc30c038c3321d637f05038f841bcc5f463a16b891fe4e3e0. During pip install, a custom buildext step in src/vectordbenginebuild.py runs an obfuscated payload that performs targeted reconnaissance and...

5.9 AI score
Exploits 0 · References 2

RedhatCVE
added 2026/01/07 9:20 a.m. · 5 views

CVE-2024-2216

A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...

8.8 CVSS · 6.6 AI score · 0.00826 EPSS
Exploits 0 · References 1

RedhatCVE
added 2026/01/07 9:19 a.m. · 7 views

CVE-2024-2215

A cross-site request forgery (CSRF) vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

6.1 CVSS · 6.8 AI score · 0.00408 EPSS
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-2210

Malicious code in bioql PyPI...

3.1 CVSS · 5.6 AI score · 0.00439 EPSS
Exploits 0 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2023-45766

Malicious code in bioql PyPI...

6.1 CVSS · 6.4 AI score · 0.53128 EPSS
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-0838

Malicious code in bioql PyPI...

6.1 CVSS · 6.3 AI score · 0.00408 EPSS
Exploits 0 · References 4

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2022-3197

Malicious code in bioql PyPI...

5.3 CVSS · 5.8 AI score · 0.00958 EPSS
Exploits 0 · References 4

RedhatCVE
added 2025/05/23 4:16 a.m. · 8 views

CVE-2023-41249

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step...

6.1 CVSS · 6 AI score · 0.53128 EPSS
Exploits 0

RedhatCVE
added 2025/05/22 3:20 p.m. · 3 views

CVE-2020-2265

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

5.4 CVSS · 5.3 AI score · 0.00735 EPSS
Exploits 0

RedhatCVE
added 2024/06/27 4:23 a.m. · 26 views

CVE-2024-39458

A vulnerability was found in the Jenkins Structs Plugin. When it fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log...

5.5 CVSS · 6.1 AI score · 0.00439 EPSS
Exploits 0 · References 5

OSV
added 2024/06/26 5:15 p.m. · 3 views

CVE-2024-39458

When Jenkins Structs Plugin 337.v1b04ea4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log...

3.1 CVSS · 6.5 AI score
Exploits 0 · References 2

AlpineLinux
added 2024/06/26 5:6 p.m. · 5 views

CVE-2024-39458

When Jenkins Structs Plugin 337.v1b04ea4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log...

3.1 CVSS · 6.6 AI score · 0.00439 EPSS
Exploits 0 · References 2

CNNVD
added 2024/06/26 12:0 a.m. · 5 views

Jenkins Plugin Structs Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

3.1 CVSS · 6.6 AI score · 0.00439 EPSS
Exploits 0 · References 5

Positive Technologies
added 2024/06/18 12:0 a.m. · 4 views

PT-2024-4650 · Jenkins · Jenkins Structs Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Structs Plugin versions 337.v1b04ea4df7c8 and earlier. Description: The issue is related to the accidental exposure of secrets through the default system log when the Jenkins Structs Plugin fails to configure a build step. This happe...

3.1 CVSS · 6.8 AI score · 0.00439 EPSS
Exploits 0 · References 11

CNVD
added 2024/05/31 12:0 a.m. · 2 views

JetBrains TeamCity Build Steps to Set Up Cross-Site Scripting Vulnerabilities

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

5.4 CVSS · 6.2 AI score · 0.00267 EPSS
Exploits 0 · References 1

OSV
added 2024/05/29 2:15 p.m. · 3 views

CVE-2024-36374

In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible...

5.4 CVSS · 5.8 AI score · 0.00267 EPSS
Exploits 0 · References 1

Cvelist
added 2024/05/29 1:29 p.m. · 20 views

CVE-2024-36374

In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible...

4.6 CVSS · 4.5 AI score · 0.00267 EPSS
Exploits 0 · References 1

CVE
added 2024/05/29 1:29 p.m. · 48 views

CVE-2024-36374

CVE-2024-36374 affects JetBrains TeamCity prior to 2024.03.2, where stored XSS in build step settings was possible. The connected sources attribute the vulnerability to insufficient filtering/escaping of user-supplied data in build step settings, enabling an attacker to inject and render arbitrar...

5.4 CVSS · 5.5 AI score · 0.00267 EPSS
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2024/05/29 1:29 p.m. · 18 views

CVE-2024-36374

In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible...

4.6 CVSS · 5.7 AI score · 0.00267 EPSS
Exploits 0 · References 1

CNNVD
added 2024/05/29 12:0 a.m. · 4 views

JetBrains TeamCity Security Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

5.4 CVSS · 6.1 AI score · 0.00267 EPSS
Exploits 0 · References 2