Lucene search
+L

7 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-2866

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00988EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/22 1:14 p.m.10 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.1AI score0.00988EPSS
Exploits0References1
osv
osv
added 2022/05/14 1:9 a.m.20 views

GHSA-6W3H-VQ7M-V3QF Jenkins Black Duck Detect Plugin information exposure vulnerability

Jenkins Black Duck Detect Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credential...

6.5CVSS6.4AI score0.00988EPSS
Exploits0References5
nvd
nvd
added 2018/06/05 8:29 p.m.18 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.5CVSS6.3AI score0.00988EPSS
Exploits0References1
prion
prion
added 2018/06/05 8:29 p.m.17 views

Design/Logic Flaw

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

4CVSS6.3AI score0.00988EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/06/05 8:0 p.m.17 views

CVE-2018-1000191

A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...

6.3AI score0.00988EPSS
Exploits0References1
cve
cve
added 2018/06/05 8:0 p.m.53 views

CVE-2018-1000191

The CVE-2018-1000191 issue affects Jenkins Black Duck Detect Plugin (versions 1.4.0 and older). A flaw in DetectPostBuildStepDescriptor.java lets attackers with Overall/Read access connect to an attacker-specified URL using attacker-specified credentials IDs, enabling capture of credentials store...

6.5CVSS6.2AI score0.00988EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder