Malicious Package

Overview react-release-manager is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2022-5547

Malicious code in bioql PyPI...

MAL-2025-5693 Malicious code in frontend-release-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c7b669533af76df1c26a09f15c4e4251d5ebc14cfaceae8a7af9dacbe4f8741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in frontend-release-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c7b669533af76df1c26a09f15c4e4251d5ebc14cfaceae8a7af9dacbe4f8741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-release-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3056b390e6fea55432a197cca0d614e66de98058a3e4b6087a547a66327ee6c5 The OpenSSF Package Analysis project identified 'react-release-manager' @ 1.1.3 npm as malicious. It is considered malicious because: - The...

MAL-2024-12117 Malicious code in react-release-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3056b390e6fea55432a197cca0d614e66de98058a3e4b6087a547a66327ee6c5 The OpenSSF Package Analysis project identified 'react-release-manager' @ 1.1.3 npm as malicious. It is considered malicious because: - The...

Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically sets the Java system property hudson.model.ParametersAction.keepUndefinedParameters whenever a build is triggered from a release tag with the 'Svn-Partial Release Manager' SCM. Doing so disables the fix for...

GHSA-PHH3-2P9M-W6J5 Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically sets the Java system property hudson.model.ParametersAction.keepUndefinedParameters whenever a build is triggered from a release tag with the 'Svn-Partial Release Manager' SCM. Doing so disables the fix for...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

CVE-2024-34148

CVE-2024-34148 affects Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier, which programmatically disables the CVE-2016-3721 fix by setting the Java system property hudson.model.ParametersAction.keepUndefinedParameters on release-tag builds. The GitHub advisory states there is no...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

Jenkins plugins Multiple Vulnerabilities (2024-05-02)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - High Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are...

Jenkins Plugin Subversion Partial Release Manager 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

GHSA-MR9J-QQJH-67F2 Jenkins Subversion Partial Release Manager Plugin missing permission check

A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build...

Jenkins Subversion Partial Release Manager Plugin missing permission check

A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build...

GHSA-RV35-69FF-G9GV Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

CVE-2024-28158

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

CVE-2024-28159

CVE-2024-28159 affects Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier. The issue is a missing permission check in the plugin, allowing attackers with Item/Read permission to trigger a build via an HTTP endpoint. This is the core risk described across multiple sources (NVD/Red...