EUVD-2022-3616

Malicious code in bioql PyPI...

CVE-2018-1999027

An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins...

Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins

An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java. SaltStack Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to...

GHSA-CQP4-CV7H-7JP5 Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins

An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java. SaltStack Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to...

Improper Authorization

Overview smartproxysalt is a Saltstack plug-in for Foreman's Smart Proxy. Affected versions of this package are vulnerable to Improper Authorization by allowing foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to...

CloudBees Jenkins SaltStack Plugin Information Disclosure Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and a number of timed tasks . SaltStack Plugin is used in one of the automated...

Design/Logic Flaw

An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins...

CVE-2018-1999027

An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins...

CVE-2018-1999027

An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins...

CVE-2018-1999027

The CVE-2018-1999027 entry concerns a sensitive-information disclosure in the Jenkins SaltStack Plugin (versions 3.1.6 and earlier) through SaltAPIBuilder.java and SaltAPIStep.java, allowing an attacker to capture credentials stored in Jenkins via a known credentials ID. Technical root cause incl...