Lucene search
K

320 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.25 views

Amazon Linux 2 : python-requests (ALAS-2023-2110)

The version of python-requests installed on the remote host is prior to 2.6.0-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2110 advisory. A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy- Authorization header...

6.1CVSS7.1AI score0.02782EPSS
Exploits1References4
OSV
OSV
added 2023/06/28 5:21 a.m.5 views

MGASA-2023-0210 Updated python-requests packages fix security vulnerability

Forwarding proxy credentials to the destination server unintentionally CVE-2023-32681...

6.1CVSS6.5AI score0.02782EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.2 views

Requests 信息泄露漏洞

Requests is an elegant and simple HTTP library from the Python Foundation. With Requests, you can send HTTP / 1.1 requests very easily. There is no need to manually add query strings to your URLs or form-encode POST data. A security vulnerability exists in Requests versions prior to 2.31.0 that...

6.1CVSS7.2AI score0.02782EPSS
Exploits1References20
OSV
OSV
added 2023/04/25 7:15 p.m.5 views

CVE-2023-28086

An HPE OneView appliance dump may expose proxy credential settings...

5.5CVSS6.1AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/25 6:39 p.m.7 views

CVE-2023-28086

An HPE OneView appliance dump may expose proxy credential settings...

5.6AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.4 views

Hewlett Packard Enterprise OneView 安全漏洞

Hewlett Packard Enterprise OneView is a software from Hewlett Packard Enterprise that facilitates automated device management for IT departments. A security vulnerability exists in Hewlett Packard Enterprise OneView that stems from a device dump that could expose proxy credential settings...

5.5CVSS5.7AI score0.0017EPSS
Exploits0References3
OSV
OSV
added 2023/03/28 9:30 p.m.19 views

GHSA-C4JR-VJM4-27HQ Veracode Scan Jenkins Plugin vulnerable to information disclosure

Veracode Scan Jenkins Plugin before 23.3.19.0 is vulnerable to information disclosure of proxy credentials in job logs under specific configurations. Users are potentially affected if they: - are using Veracode Scan Jenkins Plugin prior to 23.3.19.0 - AND have configured Veracode Scan to run on...

4.4CVSS5.3AI score0.00647EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/03/28 9:30 p.m.22 views

Veracode Scan Jenkins Plugin vulnerable to information disclosure

Veracode Scan Jenkins Plugin before 23.3.19.0 is vulnerable to information disclosure of proxy credentials in job logs under specific configurations. Users are potentially affected if they: - are using Veracode Scan Jenkins Plugin prior to 23.3.19.0 - AND have configured Veracode Scan to run on...

6.5CVSS5.9AI score0.00647EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/03/28 8:15 p.m.3 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.5CVSS5.8AI score0.00647EPSS
Exploits0References2
OSV
OSV
added 2023/03/28 8:15 p.m.6 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.5CVSS6.1AI score0.00206EPSS
Exploits0References2
NVD
NVD
added 2023/03/28 8:15 p.m.10 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.5CVSS6.5AI score0.00647EPSS
Exploits0References2
NVD
NVD
added 2023/03/28 8:15 p.m.10 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.5CVSS5.5AI score0.00206EPSS
Exploits0References2
Prion
Prion
added 2023/03/28 8:15 p.m.13 views

Code injection

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

1.7CVSS5.5AI score0.00206EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/03/28 12:0 a.m.3 views

Jenkins Plugin Veracode Scan 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.5AI score0.00647EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/03/28 12:0 a.m.5 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.5AI score0.00206EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/28 12:0 a.m.9 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.5AI score0.00647EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/28 12:0 a.m.19 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.6AI score0.00647EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/28 12:0 a.m.4 views

Jenkins Plugin Veracode Scan 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.5CVSS5.8AI score0.00206EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.7 views

PT-2023-20274 · Veracode · Veracode Azure Devops Extension +2

Name of the Vulnerable Software and Affected Versions: Veracode Scan Jenkins Plugin versions prior to 23.3.19.0 Veracode Azure DevOps Extension versions prior to 3.20.0 Description: A credential-leak issue was discovered in related Veracode products. The Veracode Scan Jenkins Plugin, when...

5.5CVSS5.3AI score0.00206EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/03/28 12:0 a.m.15 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.8AI score0.00206EPSS
Exploits0References2
Rows per page
Query Builder