11 matches found
CVE-2019-10426
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-2594)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby read...
CVE-2024-35221 Denial of service when publishing a package on rubygems.org
Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.fromyaml. fromyaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-bas...
GHSA-6PQM-PP65-MC26 Jenkins Gem Publisher Plugin stores credentials as plaintext
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Jenkins Gem Publisher Plugin stores credentials as plaintext
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Unspecified Vulnerability in CloudBees Jenkins Gem Publisher Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Gem Publisher Plugin is used in which a Gem...
CVE-2019-10426
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10426
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10426
Jenkins Gem Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10426
CVE-2019-10426 concerns the Jenkins Gem Publisher Plugin. The connected sources confirm the issue: the plugin stores credentials unencrypted in its global configuration file on the Jenkins master, enabling access by users who can read the master file system. The NVD entry lists a CVSS v3.1 base s...