12 matches found
EUVD-2022-5152
Malicious code in bioql PyPI...
EUVD-2022-5572
Malicious code in bioql PyPI...
CVE-2019-1003059
A missing permission check in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpldoLoginCheck method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CVE-2019-1003058
A cross-site request forgery vulnerability in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpldoLoginCheck method allows attackers to initiate a connection to an attacker-specified server...
CVE-2019-1003055
Jenkins FTP publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
GHSA-RCRV-6R7R-RR7M Missing permission check in Jenkins FTP publisher Plugin
A missing permission check in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpldoLoginCheck method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
GHSA-CWQV-4CF2-5VFJ Jenkins FTP publisher Plugin stores credentials in plain text
Jenkins FTP publisher Plugin stores credentials unencrypted in its global configuration file com.zanox.hudson.plugins.FTPPublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...
CloudBees Jenkins FTP publisher Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . FTP publisher Plugin is used in one of...
CloudBees Jenkins FTP publisher Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . FTP publisher Plugin is used in one of...
CVE-2019-1003058
CVE-2019-1003058 describes a Cross-Site Request Forgery vulnerability in the Jenkins FTP Publisher Plugin, specifically in FTPPublisher.DescriptorImpl#doLoginCheck. The flaw allows an attacker to induce the Jenkins server to initiate a connection to an attacker-specified server. The linked connec...
CVE-2019-1003059
The CVE-2019-1003059 entry concerns Jenkins FTP Publisher Plugin. The vulnerability is a missing permission check in FTPPublisher.DescriptorImpl#doLoginCheck, which allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. Affected component is the Je...
PT-2019-11345 · Jenkins · Jenkins Ftp Publisher Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins FTP publisher Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the...