29 matches found
CVE-2023-49654
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system...
CVE-2023-49656
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
EUVD-2023-2913
Malicious code in bioql PyPI...
EUVD-2023-2953
Malicious code in bioql PyPI...
EUVD-2023-2937
Malicious code in bioql PyPI...
CVE-2023-49655
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system...
GHSA-9F5G-RGCR-8GRW Jenkins MATLAB Plugin cross-site request forgery vulnerability
Jenkins MATLAB Plugin determines whether a user-specified directory on the Jenkins controller is the location of a MATLAB installation by parsing an XML file in that directory. MATLAB Plugin 2.11.0 and earlier does not perform permission checks in several HTTP endpoints implementing related form...
Jenkins MATLAB Plugin missing permission checks
Jenkins MATLAB Plugin determines whether a user-specified directory on the Jenkins controller is the location of a MATLAB installation by parsing an XML file in that directory. MATLAB Plugin 2.11.0 and earlier does not perform permission checks in several HTTP endpoints implementing related form...
GHSA-82Q9-88M2-4V68 Jenkins MATLAB Plugin XML External Entity vulnerability
Jenkins MATLAB Plugin determines whether a user-specified directory on the Jenkins controller is the location of a MATLAB installation by parsing an XML file in that directory. MATLAB Plugin 2.11.0 and earlier does not perform permission checks in several HTTP endpoints implementing related form...
GHSA-CV4X-9F34-8RP9 Jenkins MATLAB Plugin missing permission checks
Jenkins MATLAB Plugin determines whether a user-specified directory on the Jenkins controller is the location of a MATLAB installation by parsing an XML file in that directory. MATLAB Plugin 2.11.0 and earlier does not perform permission checks in several HTTP endpoints implementing related form...
CVE-2023-49654
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system...
CVE-2023-49655
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system...
CVE-2023-49655
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system...
CVE-2023-49654
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system...
CVE-2023-49656
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system...
XXE
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
Information disclosure
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system...
CVE-2023-49656
The CVE-2023-49656 entry concerns the Jenkins MATLAB Plugin up to version 2.11.0, where the XML parser is not configured to prevent XML External Entity (XXE) attacks. The Red Hat, GitHub advisory, and Nessus entry corroborate that MATLAB Plugin 2.11.1 fixes the XXE vulnerability by configuring th...
CVE-2023-49656
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...