21 matches found
EUVD-2022-5862
Malicious code in bioql PyPI...
EUVD-2022-7055
Malicious code in bioql PyPI...
CVE-2022-43414
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
GHSA-8CXW-WVHC-P4X4 Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
CVE-2022-43414
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
CVE-2022-43414
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
Code injection
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
CVE-2022-43414
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
Jenkins Plugin NUnit 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2022-26899 · Jenkins · Jenkins Junit Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins NUnit Plugin versions 0.27 and earlier Description: The issue allows attackers who can control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller. This is due to the...
CVE-2022-43414
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller...
CVE-2022-43414
CVE-2022-43414 concerns the Jenkins NUnit Plugin (versions 0.27 and earlier). The vulnerability arises from an agent-to-controller message that parses files inside a user-specified directory as test results, enabling attackers who can control agent processes to access test results from files loca...
GHSA-XVHF-Q744-5XM8 XXE vulnerability in NUnit Plugin
NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for its post-build step to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins...
XXE vulnerability in NUnit Plugin
NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for its post-build step to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins...
CVE-2020-2115
Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity XXE attacks...
CVE-2020-2115
Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity XXE attacks...
CVE-2020-2115
CVE-2020-2115 affects Jenkins NUnit Plugin 0.25 and earlier. The root cause is that the XML parser is not configured to prevent XML External Entity (XXE) attacks, allowing an attacker who controls input files for the post-build step to have Jenkins parse crafted XML and potentially leak secrets, ...
CVE-2020-2115
Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity XXE attacks...