9 matches found
EUVD-2022-3692
Malicious code in bioql PyPI...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to its use of the hexoid function in the generation of fingerprint IDs. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - Vulnerability Report Credit: ZAST.AI...
Cloudbees Jenkins and LTS Input Validation Error Vulnerability
Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...
Authorization Bypass
Jenkins is vulnerable to authorization bypass. Improperly validation of the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path...
CVE-2021-21606
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path...
Path traversal
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path...
CVE-2021-21606
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path...
CVE-2021-21606
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path...
Cloudbees Jenkins 输入验证错误漏洞
Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...