EUVD-2022-2010

Malicious code in bioql PyPI...

EUVD-2022-5238

Malicious code in bioql PyPI...

CVE-2020-2147

A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

CVE-2020-2146

Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks...

CSRF vulnerability in Mac Plugin

A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

CloudBees Jenkins Mac Plugin Data Falsification Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . Mac Plugin is used in one of...

CVE-2020-2148

A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...

CVE-2020-2147

A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

Design/Logic Flaw

A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

CVE-2020-2146

Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks...

CVE-2020-2147

A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

PT-2020-15359 · Jenkins · Jenkins Mabl Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mac Plugin versions 1.1.0 and earlier Description: A missing permission check in the Jenkins Mac Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...

PT-2020-15358 · Jenkins · Jenkins Mabl Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mac Plugin versions 1.1.0 and earlier Description: A cross-site request forgery issue allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. Recommendations: For Jenkins Mac Plugin versio...

PT-2020-15357 · Jenkins · Jenkins Mabl Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mac Plugin versions 1.1.0 and earlier Description: The issue concerns the lack of SSH host key validation when connecting agents created by the plugin, which could enable man-in-the-middle attacks. This allows an attacker to intercept...