18 matches found
EUVD-2023-2195
Malicious code in bioql PyPI...
EUVD-2023-2377
Malicious code in bioql PyPI...
EUVD-2024-0977
Malicious code in bioql PyPI...
EUVD-2024-1044
Malicious code in bioql PyPI...
CVE-2024-28162
In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...
CVE-2024-28161
In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...
CVE-2019-10453
Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default
In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...
CVE-2024-28162
In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...
CVE-2024-28161
In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...
CVE-2024-28161
In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...
CVE-2024-28161
CVE-2024-28161 (Jenkins Delphix Plugin 3.0.1) : The issue is a misconfiguration where a global option to enable/disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default. This creates a potential for connections to proceed without proper certificate va...
PT-2024-22308 · Jenkins · Jenkins Delphix Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Delphix Plugin versions 3.0.1 through 3.1.0 Description: The global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections does not take effect until Jenkins is restarted...
CVE-2023-40345
Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to...
PT-2023-27403 · Jenkins · Jenkins Delphix Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Delphix Plugin versions 3.0.2 and earlier Description: The issue allows attackers with Overall/Read permission to access and capture credentials they are not entitled to, due to the plugin not setting the appropriate context for...
CVE-2019-10453
Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10453
Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...