151 matches found
EUVD-2022-6372
Malicious code in bioql PyPI...
EUVD-2022-6850
Malicious code in bioql PyPI...
EUVD-2022-6200
Malicious code in bioql PyPI...
CVE-2022-41241
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2022-34809
Jenkins RQM Plugin 2.8 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...
CVE-2022-34810
A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
Security Bulletin: Custom "Execution States" names on IBM Engineering Test Management TCER pages are vulnerable to XSS (CVE-2021-38934)
Summary: ETM allows customization of "Execution States" names, which permits the injection of XSS payloads. Custom values in the names of "Execution States" are not encoded when they are displayed on the "Test Cases Execution Records" (TCER) pages, allowing the execution...
GHSA-J8XR-2279-88QJ Jenkins RQM Plugin vulnerable to Improper Restriction of XML External Entity Reference
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to provide crafted API responses from Rational Quality Manager to have Jenkins parse a crafted XML document that uses external entities for extraction of...
Jenkins RQM Plugin vulnerable to Improper Restriction of XML External Entity Reference
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to provide crafted API responses from Rational Quality Manager to have Jenkins parse a crafted XML document that uses external entities for extraction of...
XXE
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2022-41241
CVE-2022-41241 affects Jenkins RQM Plugin 2.8 and earlier. The root cause is improper configuration of the XML parser that fails to prevent XML External Entity (XXE) attacks. According to the NVD/CVE records, the vulnerability has high impact on confidentiality and integrity and a network attack ...
PT-2022-25757 · Jenkins · Jenkins Rqm Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins RQM Plugin versions 2.8 and earlier. Description: The issue is related to the XML parser not being configured to prevent XML external entity (XXE) attacks. This allows attackers to provide crafted API responses that can be used to extrac...
Jenkins RQM Plugin Code Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A code issue vulnerabilit...
Security Bulletin: IBM Engineering Test Management is vulnerable to execution of arbitrary commands on the system due to XStream (CVE-2021-29505).
Summary: IBM Engineering Test Management is vulnerable to a remote attacker executing arbitrary commands on the system, caused by improper input validation. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary commands on the system...
Jenkins RQM Plugin Information Disclosure Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker could exploit this vulnerability to allow a user with access to t...
Jenkins RQM Plugin Licensing Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins RQM Plugin version 2.8 and prior...