CVE-2022-3279

An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to prevent access to job logs...

PT-2022-26790 · Xxl-Job · Xxl-Job

Name of the Vulnerable Software and Affected Versions: XXL-Job versions prior to 2.3.1 Description: The issue is related to a Server-Side Request Forgery SSRF in the component /admin/controller/JobLogController.java. This allows for potential exploitation. Recommendations: For versions prior to...

PT-2020-13481 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.2.10 GitLab versions prior to 13.3.7 GitLab versions prior to 13.4.2 Description: A Stored XSS issue has been discovered in the CI Job Log of GitLab. Recommendations: For versions prior to 13.2.10, update to versio...

CVE-2019-4385

IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. IBM X-Force ID: 162173...

Security Bulletin: Password exposure via job log in IBM Spectrum Protect Plus (CVE-2019-4385)

Summary IBM Spectrum Protect Plus may display the vSNAP CIFS password in the Spectrum Protect Plus job log Vulnerability Details CVEID: CVE-2019-4385 DESCRIPTION: IBM Spectrum Protect Plus may display the vSnap CIFS password in the IBM Spectrum Protect Plus job log. This can result in an attacker...