19 matches found
EUVD-2022-2655
Malicious code in bioql PyPI...
EUVD-2022-5122
Malicious code in bioql PyPI...
SSRF vulnerability due to missing permission check in Jenkins OctopusDeploy Plugin
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception...
GHSA-5V2J-W677-J4MP SSRF vulnerability due to missing permission check in Jenkins OctopusDeploy Plugin
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception...
CloudBees Jenkins OctopusDeploy Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some timed tasks. OctopusDeploy Plugin is used in which a...
CVE-2019-1003071
Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003071
Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003071
Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003071
The CVE refers to Jenkins OctopusDeploy Plugin where credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master (hudson.plugins.octopusdeploy.OctopusDeployPlugin.xml). This enables exposure to any user with access to the Jenkins controller/master file syste...
PT-2019-11361 · Jenkins · Jenkins Octopusdeploy Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins OctopusDeploy Plugin affected versions not specified
Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the...
CloudBees Jenkins OctopusDeploy Plugin Server Request Forgery Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some timed tasks. OctopusDeploy Plugin is used in which a...
CVE-2019-1003027
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception...
CVE-2019-1003027
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception...
Server-side request forgery (SSRF)
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception...
CVE-2019-1003027
The connected documents confirm an SSRF flaw in Jenkins OctopusDeploy Plugin (versions 1.8.1 and earlier) via OctopusDeployPlugin.java. An attacker with Overall/Read permission can configure Jenkins to connect to a URL under their control and retrieve the HTTP response code, or an exception messag...
CVE-2019-1003027
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception...
PT-2019-11324 · Jenkins · Jenkins Octopusdeploy Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins OctopusDeploy Plugin versions 1.8.1 and earlier
Description: A server-side request forgery issue exists that allows attackers with Overall/Read permission to have the server connect to an attacker-specified URL and obtain the HTTP...
CVE-2018-18850
creationtimestamp| type| source
---|---|---
2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/octopusdeploydeploy.rb
2025-10-23 21:12:58+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...