13 matches found
EUVD-2022-5036
Malicious code in bioql PyPI...
EUVD-2022-4182
Malicious code in bioql PyPI...
CVE-2021-21612
Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2021-21612
The CVE-2021-21612 issue affects the Jenkins TraceTronic ECU-TEST Plugin (versions 2.23.1 and earlier). It stores credentials unencrypted in the plugin’s global configuration file on the Jenkins controller (ATXInstallation.xml), allowing users with file-system access to view sensitive data. The v...
CVE-2021-21612
Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
Cloudbees Jenkins TraceTronic ECU-TEST Plugin 信息泄露漏洞
Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . An information disclosure...
PT-2021-14655 · Jenkins · Jenkins Tracetronic Ecu-Test Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins TraceTronic ECU-TEST Plugin versions 2.23.1 and earlier Description: The issue allows credentials to be stored unencrypted in the global configuration file on the Jenkins controller, making them accessible to users with access to the...
CVE-2018-1999025
A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to...
CVE-2018-1999026
A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...
CVE-2018-1999026
A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...
CVE-2018-1999025
A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to...
Server side request forgery (ssrf)
A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host...
CVE-2018-1999025
A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to...