17 matches found
EUVD-2022-2638
Malicious code in bioql PyPI...
GHSA-5Q7J-8HPC-4848 Server-side request forgery vulnerability in Jenkins Mesos Plugin
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method,...
Server-side request forgery vulnerability in Jenkins Mesos Plugin
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method,...
Improper authorization vulnerability in Jenkins Mesos Plugin
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
GHSA-23XR-9XXR-VG3C Improper authorization vulnerability in Jenkins Mesos Plugin
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
CloudBees Jenkins Mesos Plugin Access Privilege Vulnerability
CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. It is mainly used to monitor continuous software release/testing projects and some timed tasks. Mesos Plugin is a plugin that can dynamically start Jenkins slave servers on a...
CloudBees Jenkins Mesos Plugin Improper Authorization Vulnerability
CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. It is mainly used to monitor ongoing software releases/testing projects and a number of timed tasks.Mesos Plugin is used in one of the ability to dynamically start Jenkins slav...
CVE-2018-1000421
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method,...
CVE-2018-1000420
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
CVE-2018-1000421
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method,...
CVE-2018-1000420
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
Authorization
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
Authorization
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method,...
CVE-2018-1000421
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method,...
CVE-2018-1000420
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins...
CVE-2018-1000420
CVE-2018-1000420 affects the Jenkins Mesos Plugin up to and including version 0.17.1, where MesosCloud.java contains an improper authorization flaw. The issue allows attackers with Overall/Read access to retrieve credentials IDs for credentials stored in Jenkins, exposing sensitive credential ref...
CVE-2018-1000421
CVE-2018-1000421 affects Jenkins Mesos Plugin up to version 0.17.1. The root cause is an improper authorization in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to a attacker-specified Mesos server using attacker-specified credentials IDs, enabling e...