22 matches found
EUVD-2022-4234
Malicious code in bioql PyPI...
CVE-2020-2322
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks...
Missing permission checks in Jenkins Chaos Monkey Plugin
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to generate load and to generate memory leaks. Jenkins Chaos Monkey Plugin 0.4 requires Overall/Administer permission to generate load and t...
GHSA-HX53-635R-VMV8 Missing permission checks in Jenkins Chaos Monkey Plugin
Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint. This allows attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions. Jenkins Chaos Monkey Plugin 0.4.1 requires Overall/Administer permission to...
Missing permission checks in Jenkins Chaos Monkey Plugin
Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint. This allows attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions. Jenkins Chaos Monkey Plugin 0.4.1 requires Overall/Administer permission to...
GHSA-MR75-899X-QCXQ Missing permission checks in Jenkins Chaos Monkey Plugin
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to generate load and to generate memory leaks. Jenkins Chaos Monkey Plugin 0.4 requires Overall/Administer permission to generate load and t...
Cloudbees Jenkins Chaos Monkey Plugin Authorization Issue Vulnerability (CNVD-2020-70261)
Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . A security vulnerability exists in...
Cloudbees Jenkins Chaos Monkey Plugin Authorization Issues Vulnerability
Cloudbees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . CVS Plugin is used in one of the CVS versi...
CVE-2020-2323
Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions...
CVE-2020-2322
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks...
CVE-2020-2322
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks...
CVE-2020-2323
Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions...
Design/Logic Flaw
Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions...
Design/Logic Flaw
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks...
CVE-2020-2323
Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions...
CVE-2020-2323
Summary: Jenkins Chaos Monkey Plugin 0.4 and earlier lacks permission checks on an HTTP endpoint. This allows attackers with Overall/Read to access the Chaos Monkey page and view action history. Mitigation: Upgrade to version 0.4.1 or later, which requires Overall/Administer permission to access ...
CVE-2020-2322
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks...
CVE-2020-2322
Affected software : Jenkins Chaos Monkey Plugin (versions 0.3 and earlier). Root cause : several HTTP endpoints do not perform permission checks. Impact : enables attackers with Overall/Read permission to generate load and memory leaks. Evidence : CVE-2020-2322 and connected advisories describe t...
Cloudbees Jenkins 授权问题漏洞
Cloudbees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . CVS Plugin is used in one of the CVS versi...
Cloudbees Jenkins 授权问题漏洞
Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . A security vulnerability exists in...