EUVD-2022-4069

Malicious code in bioql PyPI...

CVE-2018-1999034

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

CVE-2019-10412

Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

Jenkins Inedo ProGet Plugin Plugin has Cleartext Transmission of Sensitive Information

Inedo ProGet Plugin Plugin stores a service password in its global Jenkins configuration. While the password is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the password through browser extensions, cross-site...

GHSA-F6G8-PXVP-9328 Jenkins Inedo ProGet Plugin Plugin has Cleartext Transmission of Sensitive Information

Inedo ProGet Plugin Plugin stores a service password in its global Jenkins configuration. While the password is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the password through browser extensions, cross-site...

Jenkins Inedo ProGet Plugin globally and unconditionally disabled SSL/TLS certificate validation

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

Unspecified Vulnerability in CloudBees Jenkins Inedo ProGet Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Inedo ProGet Plugin is used in one of the...

CVE-2019-10412

Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

CVE-2019-10412

Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

Code injection

Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

CVE-2019-10412

CVE-2019-10412 affects the CloudBees/Jenkins Inedo ProGet Plugin up to version 1.2, where credentials configured in the global Jenkins configuration form were transmitted in plain text, exposing sensitive data. The root cause involves the plugin storing a service password (encrypted on disk) but ...

CloudBees Jenkins Inedo ProGet Plugin SSL / TLS Certificate Validation Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Inedo ProGet Plugin is used in one o...

CVE-2018-1999034

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

Design/Logic Flaw

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

CVE-2018-1999034

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

CVE-2018-1999034

CVE-2018-1999034 describes a man-in-the-middle vulnerability in Jenkins Inedo ProGet Plugin versions 0.8 and earlier, affecting ProGetApi.java, ProGetConfig.java, and ProGetConfiguration.java. The issue enables an attacker to impersonate any service that Jenkins connects to, due to insecure handl...

CVE-2018-1999034

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...