EUVD-2022-5859

Malicious code in bioql PyPI...

GHSA-XV69-6RF3-W5G2 Missing permission check in Jenkins Cloud Statistics Plugin

Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages. Jenkins Cloud Statistics Plugin 0.27 requires...

Jenkins Cloud Statistics 安全漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An improper authorization...

PT-2021-14674 · Jenkins · Jenkins Cloud Statistics Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Cloud Statistics Plugin versions 0.26 and earlier Description: The issue concerns a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related...