19 matches found
EUVD-2022-5709
Malicious code in bioql PyPI...
CVE-2019-10314
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM...
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Jenkins Koji Plugin globally and unconditionally disables SSL/TLS certificate validation
Jenkins Koji Plugin unconditionally disables SSL/TLS certificate validation for the entire Jenkins controller JVM. As of publication of this advisory, there is no fix...
GHSA-3QF7-9XHJ-QCFJ Jenkins Koji Plugin globally and unconditionally disables SSL/TLS certificate validation
Jenkins Koji Plugin unconditionally disables SSL/TLS certificate validation for the entire Jenkins controller JVM. As of publication of this advisory, there is no fix...
Jenkins Koji Plugin stores credentials in plain text
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.koji.KojiBuilder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...
CVE-2019-10314
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM...
CVE-2019-10314
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM...
Code injection
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM...
CVE-2019-10314
CVE-2019-10314 affects the Jenkins Koji Plugin, which disables SSL/TLS and hostname verification globally for the Jenkins master JVM. The vulnerability is described across multiple sources (NVD entry, Red Hat advisory, GHSA) as the plugin unconditionally bypassing certificate validation for the e...
CVE-2019-10314
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM...
PT-2019-11716 · Jenkins · Jenkins Koji Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Koji Plugin affected versions not specified Description: The issue concerns the Jenkins Koji Plugin, which disables SSL/TLS and hostname verification globally for the Jenkins master JVM. This means the plugin unconditionally disables...
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-10298
CVE-2019-10298 : The issue affects the Jenkins Koji Plugin, where credentials are stored unencrypted in the global configuration file on the Jenkins master (org.jenkinsci.plugins.koji.KojiBuilder.xml). This file is accessible to users with filesystem access to the Jenkins controller, enabling una...
PT-2019-11700 · Jenkins · Jenkins Koji Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Koji Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, credentials are...