12 matches found
EUVD-2022-3021
Malicious code in bioql PyPI...
EUVD-2022-5450
Malicious code in bioql PyPI...
EUVD-2022-7233
Malicious code in bioql PyPI...
EUVD-2022-4391
Malicious code in bioql PyPI...
CVE-2020-2211
Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
Jenkins Data Theorem Mobile Security: CI/CD Plugin has Insufficiently Protected Credentials
Data Theorem Mobile Security: CI/CD Plugin stored a proxy password unencrypted in job config.xml files on the Jenkins controller. This password could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. Data Theorem Mobile Security: CI/CD Plugin now...
CVE-2019-10469
A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
PT-2019-11863 · Jenkins · Jenkins Elasticbox Jenkins Kubernetes Ci/Cd Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin (affected versions not specified). Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using...
PT-2019-11864 · Jenkins · Jenkins Elasticbox Jenkins Kubernetes Ci/Cd Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin (affected versions not specified). Description: A missing permission check in form-related methods of the Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allowed users with Overall/Read acces...
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10413
Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...