EUVD-2022-5036

Malicious code in bioql PyPI...

EUVD-2022-4182

Malicious code in bioql PyPI...

Credentials stored in plain text by Jenkins TraceTronic ECU-TEST Plugin

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file de.tracetronic.jenkins.plugins.ecutest.report.atx.installation.ATXInstallation.xml on the Jenkins controller as part of its configuration. These credentials can be viewed by user...

GHSA-QVJR-X8FW-HGHV Credentials stored in plain text by Jenkins TraceTronic ECU-TEST Plugin

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file de.tracetronic.jenkins.plugins.ecutest.report.atx.installation.ATXInstallation.xml on the Jenkins controller as part of its configuration. These credentials can be viewed by user...

de.tracetronic.jenkins.plugins:ecu-test-execution (>=3.0 <=3.4), jp.ikedam.jenkins.plugins:extensible-choice-parameter (=1.8.1) +2 more potentially affected by CVE-2022-30946 via org.jenkins-ci.plugins:script-security (>=1138.v8e727069a_025 <=1158.v7c1b_73a_69a_08)

org.jenkins-ci.plugins:script-security MAVEN version =1138.v8e727069a025, =3.0, =3.4 - jp.ikedam.jenkins.plugins:extensible-choice-parameter =1.8.1 - org.jenkins-ci.plugins:applitools-eyes =1.16.4 - org.jenkins-ci.plugins:gradle =2.12.0.1 Source cves: CVE-2022-30946 Source advisory:...

Jenkins TraceTronic ECU-TEST Plugin Man in the middle vulnerability

A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to...

GHSA-HP7X-282P-HHR9 Jenkins TraceTronic ECU-TEST Plugin server-side request forgery vulnerability

A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...

Jenkins TraceTronic ECU-TEST Plugin server-side request forgery vulnerability

A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...

GHSA-W86J-99WG-R29F Jenkins TraceTronic ECU-TEST Plugin Man in the middle vulnerability

A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to...

Information Disclosure

Jenkins TraceTronic ECU-TEST Plugin is vulnerable to information disclosure. Credentials are stored unencrypted in its global configuration file. Users with access to the Jenkins controller file system are able to access the confidential information...

Cloudbees Jenkins TraceTronic ECU-TEST Plugin Information Disclosure Vulnerability

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . An information disclosure...

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

Design/Logic Flaw

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21612

The CVE-2021-21612 issue affects the Jenkins TraceTronic ECU-TEST Plugin (versions 2.23.1 and earlier). It stores credentials unencrypted in the plugin’s global configuration file on the Jenkins controller (ATXInstallation.xml), allowing users with file-system access to view sensitive data. The v...

CVE-2021-21612

Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

Cloudbees Jenkins TraceTronic ECU-TEST Plugin 信息泄露漏洞

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . An information disclosure...

PT-2021-14655 · Jenkins · Jenkins Tracetronic Ecu-Test Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TraceTronic ECU-TEST Plugin versions 2.23.1 and earlier Description: The issue allows credentials to be stored unencrypted in the global configuration file on the Jenkins controller, making them accessible to users with access to the...

CloudBees Jenkins TraceTronic ECU-TEST Plugin SSL/TLS Certificate Validation Vulnerability

CloudBees Jenkins is a suite of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor ongoing software releases/testing projects and some timed tasks.TraceTronic ECU-TEST Plugin is an automated testing software for embedded systems that uses... TraceTronic ECU-TEST...