EUVD-2022-3233

Malicious code in bioql PyPI...

EUVD-2022-4971

Malicious code in bioql PyPI...

CVE-2019-10444

Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disabled SSL/TLS and hostname verification for connections to HP ALM...

Credentials stored in plain text by Jenkins Bumblebee HP ALM Plugin

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file com.agiletestware.bumblebee.BumblebeeGlobalConfig.xml on the Jenkins controller as part of its configuration. These credentials can be viewed by users with access to the Jenkins...

GHSA-8V72-QR3H-C6RV Credentials stored in plain text by Jenkins Bumblebee HP ALM Plugin

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file com.agiletestware.bumblebee.BumblebeeGlobalConfig.xml on the Jenkins controller as part of its configuration. These credentials can be viewed by users with access to the Jenkins...

GHSA-FC3J-CFQV-PFRM Password stored in plain text by Jenkins HP ALM Quality Center Plugin

HP ALM Quality Center Plugin 1.6 and earlier stores a password in plain text in its global configuration file org.jenkinsci.plugins.qc.QualityCenterIntegrationRecorder.xml. This password can be viewed by users with access to the Jenkins controller file system...

Password stored in plain text by Jenkins HP ALM Quality Center Plugin

HP ALM Quality Center Plugin 1.6 and earlier stores a password in plain text in its global configuration file org.jenkinsci.plugins.qc.QualityCenterIntegrationRecorder.xml. This password can be viewed by users with access to the Jenkins controller file system...

Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation

Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation for connections to the HP ALM service. Bumblebee HP ALM Plugin no longer does that. Instead, it now allows users to opt out of certificate validation...

GHSA-QGP8-H5CP-R75R Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation

Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation for connections to the HP ALM service. Bumblebee HP ALM Plugin no longer does that. Instead, it now allows users to opt out of certificate validation...

CVE-2021-21614

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21614

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

Design/Logic Flaw

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21614

Summary: CVE-2021-21614 affects the Jenkins Bumblebee HP ALM Plugin (version 4.1.5 and earlier). The underlying issue is that credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins controller, which can be viewed by users with access to the controller filesyst...

CVE-2021-21614

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2021-21614

Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

Cloudbees Jenkins 信息泄露漏洞

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . Bumblebee HP ALM Plugin is us...

Unspecified Vulnerability in CloudBees Jenkins HP ALM Quality Center Plugin

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . A security vulnerability exists in...

CVE-2020-2218

Jenkins HP ALM Quality Center Plugin 1.6 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...

Design/Logic Flaw

Jenkins HP ALM Quality Center Plugin 1.6 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...

CVE-2020-2218

The CVE-2020-2218 entry concerns Jenkins HP ALM Quality Center Plugin (versions 1.6 and earlier). The vulnerability arises because the plugin stores a password unencrypted in the global configuration file on the Jenkins master, specifically in org.jenkinsci.plugins.qc.QualityCenterIntegrationReco...