5 matches found
EUVD-2023-2710
Malicious code in bioql PyPI...
EUVD-2022-3060
Malicious code in bioql PyPI...
CVE-2021-21647
Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item/Build permission...
Design/Logic Flaw
Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the directory from which artifacts are published during the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to publish arbitrary files from the Jenkins...
PT-2023-30144 · Cloudbees +1 · Jenkins Cloudbees Cd Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins CloudBees CD Plugin versions 1.1.32 and earlier Description: The issue allows attackers who can configure jobs to publish arbitrary files from the Jenkins controller file system to the previously configured CloudBees CD server. This i...