19 matches found
EUVD-2022-2959
Malicious code in bioql PyPI...
GHSA-W3F7-2QFW-348X Jenkins HipChat Plugin allows credential capture due to incorrect authorization
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to send test notifications to an attacker-specified HipChat server with attacker-specified credentials IDs obtained through another...
Jenkins HipChat Plugin allows attackers with Overall/Read access to obtain credential IDs
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins. As of version 2.2.1, an enumeration of credentials IDs in this plugin...
Jenkins HipChat Plugin allows credential capture due to incorrect authorization
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to send test notifications to an attacker-specified HipChat server with attacker-specified credentials IDs obtained through another...
GHSA-798P-53R7-MGW9 Jenkins HipChat Plugin allows attackers with Overall/Read access to obtain credential IDs
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins. As of version 2.2.1, an enumeration of credentials IDs in this plugin...
CloudBees Jenkins HipChat Plugin Privilege Checking Vulnerability
CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . HipCha...
Unspecified Vulnerability in CloudBees Jenkins HipChat Plugin
CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . HipCha...
CVE-2018-1000418
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to send test notifications to an attacker-specified HipChat server with attacker-specified credentials IDs obtained through another...
CVE-2018-1000419
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
Authorization
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
CVE-2018-1000419
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
CVE-2018-1000418
CVE-2018-1000418 affects Jenkins HipChat Plugin (versions ≤ 2.2.0). The HipChatNotifier.java improper authorization allows users with Overall/Read access to trigger test notifications to an attacker-controlled HipChat server using attacker-specified credential IDs, enabling capture of credentials...
CVE-2018-1000419
The CVE-2018-1000419 entry concerns Jenkins HipChat Plugin (versions up to 2.2.0). The vulnerability lies in HipChatNotifier.java, enabling attackers with Overall/Read access to enumerate credentials IDs stored in Jenkins. Public references (GHSA, NVD) indicate that from version 2.2.1 the plugin ...
CVE-2018-1000418
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to send test notifications to an attacker-specified HipChat server with attacker-specified credentials IDs obtained through another...
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for communicating wit...
CVE-2016-6668 - The HipChat plugin for various products leaks the secret key it uses to communicate with a linked HipChat instance.
The Confluence HipChat plugin exposed the secret key it used to communicate with a linked HipChat service in various pages. For this vulnerability to affect your Confluence instance you must have a HipChat integration established. To exploit this issue, attackers need to have access to a Confluen...
CVE-2016-6668 - The HipChat plugin for various products leaks the secret key it uses to communicate with a linked HipChat instance.
The Confluence HipChat plugin exposed the secret key it used to communicate with a linked HipChat service in various pages. For this vulnerability to affect your Confluence instance you must have a HipChat integration established. To exploit this issue, attackers need to have access to a Confluen...
CVE-2016-6668 - The HipChat plugin for various products leaks the secret key it uses to communicate with a linked HipChat instance.
The HipChat for JIRA plugin exposed the secret key it used to communicate with a linked HipChat service in various pages. For this vulnerability to affect your JIRA instance you must have a HipChat integration established. To exploit this issue in JIRA versions 7.0.0 and higher, attackers need to...
Atlassian JIRA HipChat for JIRA Plugin Code Injection Vulnerability
Atlassian JIRA is a defect tracking management system from Atlassian Australia. HipChat for JIRA is a real-time collaborative plug-in for tracking and managing all types of issues and defects in the workplace. Atlassian JIRA HipChat for JIRA plugin version 6.30.0 before a security vulnerability...