11 matches found
EUVD-2022-5859
Malicious code in bioql PyPI...
CVE-2021-21631
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages...
GHSA-XV69-6RF3-W5G2 Missing permission check in Jenkins Cloud Statistics Plugin
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages. Jenkins Cloud Statistics Plugin 0.27 requires...
Missing permission check in Jenkins Cloud Statistics Plugin
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages. Jenkins Cloud Statistics Plugin 0.27 requires...
Jenkins Plugins Multiple Vulnerabilities (Jenkins Security Advisory 2021-03-30)
According to their self-reported version numbers, the versions of Jenkins plugins running on the remote web server are Jenkins Build With Parameters Plugin prior to 1.5.1, Cloud Statistics Plugin prior to 0.27, Extra Columns Plugin prior to 1.23, Jabber XMPP notifier and control Plugin prior to...
CloudBees Jenkins Cloud Statistics Plugin Improper Authorization Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An improper authorization...
CVE-2021-21631
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages...
CVE-2021-21631
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages...
Code injection
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages...
Jenkins Cloud Statistics 安全漏洞
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An improper authorization...
PT-2021-14674 · Jenkins · Jenkins Cloud Statistics Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Cloud Statistics Plugin versions 0.26 and earlier Description: The issue concerns a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related...