10 matches found
EUVD-2022-4690
Malicious code in bioql PyPI...
CVE-2020-2159
Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins...
GHSA-P5X5-JG3J-2JCJ OS command injection in CryptoMove Plugin
CryptoMove Plugin 0.1.33 and earlier allows the configuration of an OS command to execute as part of its build step configuration. This command will be executed on the Jenkins controller as the OS user account running Jenkins, allowing user with Job/Configure permission to execute an arbitrary OS...
CloudBees Jenkins CryptoMove OS Command Injection Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . CryptoMove is used in which a secret key...
CVE-2020-2159
Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins...
CVE-2020-2159
Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins...
Design/Logic Flaw
Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins...
CVE-2020-2159
CVE-2020-2159 affects Jenkins CryptoMove Plugin versions 0.1.33 and earlier. The vulnerability arises because the CryptoMove plugin allows configuration of an OS command to execute as part of a build step, which will run on the Jenkins controller as the OS user running Jenkins. An attacker with J...
CVE-2020-2159
Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins...
PT-2020-15377 · Jenkins · Jenkins Cryptomove Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins CryptoMove Plugin versions 0.1.33 and earlier Description: The issue allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. This is possible because th...