22 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-0662

Malware in sbrugna...

CVSS 7.5 · AI score 7.6 · EPSS 0.01762
Exploits 1 · References 9

EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2025-0159

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 6.4 · EPSS 0.0015
Exploits 0 · References 3

Tenable Nessus
added 2025/08/18 12:00 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-23341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service ReDoS via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel...

CVSS 7.5 · AI score 7.1 · EPSS 0.01762
Exploits 1 · References 2

GitHub Security Blog
added 2025/01/22 6:31 p.m. · 17 views

Cache confusion in Jenkins Eiffel Broadcaster Plugin

The Jenkins Eiffel Broadcaster Plugin allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential. Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key. Thi...

CVSS 4.3 · AI score 4.8 · EPSS 0.0015
Exploits 0 · References 3 · Affected Software 1

OSV
added 2025/01/22 6:31 p.m. · 7 views

GHSA-FPW7-8GJC-JWQJ Cache confusion in Jenkins Eiffel Broadcaster Plugin

The Jenkins Eiffel Broadcaster Plugin allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential. Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key. Thi...

CVSS 4.3 · AI score 4.8 · EPSS 0.0015
Exploits 0 · References 3

NVD
added 2025/01/22 5:15 p.m. · 11 views

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

CVSS 4.3 · EPSS 0.0015
Exploits 0 · References 1

OSV
added 2025/01/22 5:15 p.m. · 1 view

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

CVSS 4.3 · AI score 5.8 · EPSS 0.0015
Exploits 0 · References 1

Cvelist
added 2025/01/22 5:02 p.m. · 13 views

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

EPSS 0.0015
Exploits 0 · References 1

Vulnrichment
added 2025/01/22 5:02 p.m. · 9 views

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

AI score 6.7 · EPSS 0.0015
Exploits 0 · References 1

CVE
added 2025/01/22 5:02 p.m. · 750 views

CVE-2025-24400

CVE-2025-24400 affects the Jenkins Eiffel Broadcaster Plugin (versions 2.8.0–2.10.2). The vulnerability arises because the plugin uses the credential ID as the cache key during signing operations, allowing an attacker who can create a credential with the same ID in a different credentials store t...

CVSS 4.3 · AI score 6.4 · EPSS 0.0015
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2025/01/22 12:00 a.m. · 3 views

PT-2025-5358 · Jenkins · Jenkins Eiffel Broadcaster Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Eiffel Broadcaster Plugin versions 2.8.0 through 2.10.2 Description: The issue allows attackers to create a credential with the same ID as a legitimate one in a different credentials store, enabling them to sign an event published to...

CVSS 4.3 · AI score 7.1 · EPSS 0.0015
Exploits 0 · References 6

CNNVD
added 2025/01/22 12:00 a.m. · 1 view

Jenkins plugin Eiffel Broadcaster Security Vulnerability

Jenkins and Jenkins plugin are both Jenkins open source products. Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins plugin is an application software plugin. A security...

CVSS 4.3 · AI score 6.5 · EPSS 0.0015
Exploits 0 · References 3

Veracode
added 2021/02/19 2:11 a.m. · 16 views

Regular Expression Denial Of Service (ReDoS)

prismjs is vulnerable to Regular Expression Denial Of Service ReDoS. An attacker is able to crash the system by submitting malicious string via the prism-asciidoc, prism-rest, prism-tap, prism-batch and prism-eiffel components...

CVSS 7.5 · AI score 3.4 · EPSS 0.01762
Exploits 1 · References 4 · Affected Software 3

OSV
added 2021/02/18 4:15 p.m. · 3 views

DEBIAN-CVE-2021-23341

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service ReDoS via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...

CVSS 7.5 · AI score 7.6 · EPSS 0.01762
Exploits 1 · References 1

NVD
added 2021/02/18 4:15 p.m. · 13 views

CVE-2021-23341

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service ReDoS via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...

CVSS 7.5 · EPSS 0.01762
Exploits 1 · References 6

OSV
added 2021/02/18 4:15 p.m. · 0 views

UBUNTU-CVE-2021-23341

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service ReDoS via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...

CVSS 7.5 · AI score 7.3 · EPSS 0.01762
Exploits 1 · References 8

Prion
added 2021/02/18 4:15 p.m. · 13 views

Design/Logic Flaw

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service ReDoS via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...

CVSS 5 · AI score 7.5 · EPSS 0.01762
Exploits 1 · References 6 · Affected Software 1

Snyk
added 2021/02/18 11:31 a.m. · 2 views

Regular Expression Denial of Service (ReDoS)

Overview prismjs/prism is a Lightweight, robust, elegant syntax highlighting. A spin-off project from Dabblet. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components. Details Denial o...

CVSS 7.5 · AI score 9.1 · EPSS 0.01762
Exploits 1 · References 2

Snyk
added 2021/02/18 11:31 a.m. · 2 views

Regular Expression Denial of Service (ReDoS)

Overview prismjs is a lightweight, robust, elegant syntax highlighting library. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components. Details Denial of Service DoS describes a famil...

CVSS 7.5 · AI score 9.1 · EPSS 0.01762
Exploits 1 · References 2

CNNVD
added 2021/02/18 12:00 a.m. · 5 views

Prismjs Security Vulnerability

Prism is an application from the US-based individual developers of Prism. It is a lightweight, extensible syntax highlighting tool. A security vulnerability exists in Prismjs. The vulnerability stems from the application's susceptibility to a denial of service ReDoS attack triggered by a regular...

CVSS 7.5 · AI score 7.1 · EPSS 0.01762
Exploits 1 · References 9