EUVD-2022-2015

Malicious code in bioql PyPI...

CloudBees Jenkins Cloud Foundry Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Cloud Foundry...

CVE-2019-1003025

A exposure of sensitive information vulnerability exists in Jenkins Cloud Foundry Plugin 2.3.1 and earlier in AbstractCloudFoundryPushDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through...

CVE-2019-1003025

The issue affects Jenkins Cloud Foundry Plugin 2.3.1 and earlier. A missing permission check on a form-validation path allowed users with Overall/Read access to trigger a connection to an attacker-specified URL using attacker-specified credentials IDs, leading to exposure of credentials stored in...

PT-2019-11322 · Jenkins · Jenkins Cloud Foundry Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Cloud Foundry Plugin versions 2.3.1 and earlier Description: A sensitive information exposure issue exists, allowing attackers with Overall/Read access to connect to a specified URL using attacker-specified credentials IDs, potentiall...

org.cloudfoundry:cf-gradle-plugin (>=1.0.1 <=1.0.3), org.cloudfoundry:cf-maven-plugin (>=1.0.1 <=1.0.3) +5 more potentially affected by CVE-2016-4977 via org.springframework.security.oauth:spring-security-oauth2 (>=1.0.0.RELEASE <=1.0.2.RELEASE)

org.springframework.security.oauth:spring-security-oauth2 MAVEN version =1.0.0.RELEASE, =1.0.1, =1.0.1, =1.0.1, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =1.0.22 Source cves: CVE-2016-4977 Source advisory: OSV:GHSA-7Q9C-H23X-65FQ...