EUVD-2022-4969

Malicious code in bioql PyPI...

EUVD-2022-5196

Malicious code in bioql PyPI...

CVE-2017-1000106

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

CVE-2017-1000110

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when...

GO-2022-1161 AList vulnerable to Improper Preservation of Permissions in github.com/alist-org/alist

AList vulnerable to Improper Preservation of Permissions in github.com/alist-org/alist...

PT-2024-18969 · Gitpod · Gitpod

Name of the Vulnerable Software and Affected Versions: github.com/gitpod-io/gitpod/components/server/go/pkg/lib versions before main-gha.27122 github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy versions before main-gha.27122 github.com/gitpod-io/gitpod/install/installer/pkg/components/auth...

Cookie Tossing

Overview Affected versions of this package are vulnerable to Cookie Tossing due to a missing Host- prefix on the gitpodiojwt2 session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attacker’s own JW...

Security Posture Management for GitHub: spotting and fixing risks in your GitHub organization just got a lot easier

Wiz SPM for version control systems helps you find and fix risks in your GitHub instance...

SUSE CVE-2017-1000106

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

SUSE CVE-2017-1000110

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when...

OpenSSL 3.0.7 update assessment

OpenSSL 3.0.7 update assessment Summary The vulnerability in the OpenSSL Security Advisory of Dec 13 2022 do not affect any active Node.js release lines. Analysis Our assessment of the security advisory is: X.509 Policy Constraints Double Locking CVE-2022-3996 Node.js doesn't call OpenSSL as a...

Improper Authentication in Jenkins Blue Ocean Plugin

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

openSUSE: Security Advisory for cryptctl (openSUSE-SU-2021:0907-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Github Account of Gentoo Linux Hacked, Code Replaced With Malware

Downloaded anything from Gentoo's GitHub account yesterday? Consider those files compromised and dump them now—as an unknown group of hackers or an individual managed to gain access to the GitHub account of the Gentoo Linux distribution on Thursday and replaced the original source code with a...

CVE-2017-1000110

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when...

Authorization

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when...

Design/Logic Flaw

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the pipeline creation and editing feature in Blue...

CVE-2017-1000110

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when...