Lucene search
K

4 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-0210

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00288EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/01/22 6:31 p.m.56 views

Incorrect permission check in Jenkins GitLab Plugin allows enumerating credentials IDs

The Jenkins GitLab Plugin 1.9.6 and earlier does not correctly perform a permission check in an HTTP endpoint. This allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credential IDs of GitLab API token credentials and...

4.3CVSS6.1AI score0.00288EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/01/22 5:15 p.m.5 views

CVE-2025-24397

An incorrect permission check in Jenkins GitLab Plugin 1.9.6 and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credential IDs of GitLab API token and Secret text credentials stored in Jenkins...

4.3CVSS6.7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/03/30 12:0 a.m.5 views

PT-2021-14676 · Jenkins · Jenkins Owasp Dependency-Track Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OWASP Dependency-Track Plugin versions 3.1.0 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins. The issue arises...

8.8CVSS8.6AI score0.0077EPSS
Exploits0References9
Rows per page
Query Builder