6 matches found
EUVD-2022-6791
Malicious code in bioql PyPI...
Jenkins WildFly Deployer Plugin vulnerable to path traversal
Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system. This vulnerability is only exploitable in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. See the LTS upgrade guide...
CVE-2022-41235
Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system...
PT-2022-25751 · Jenkins · Jenkins Wildfly Deployer Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins WildFly Deployer Plugin versions 1.0.2 and earlier Description: The issue allows agent processes to read arbitrary files on the Jenkins controller file system. This is only exploitable in certain versions of Jenkins, specifically 2.31...
CVE-2019-1003072
Jenkins WildFly Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003072
Jenkins WildFly Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...