20 matches found
EUVD-2022-5388
Malicious code in bioql PyPI...
EUVD-2022-4864
Malicious code in bioql PyPI...
CVE-2019-10366
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
GHSA-Q2WV-M3PQ-XPV9 Credentials transmitted in plain text by Skytap Cloud CI Plugin
Skytap Cloud CI Plugin stores credentials in job config.xml files as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form by Skytap Cloud CI Plugin 2.07 and earlier. These credentials could be viewed by...
Credentials transmitted in plain text by Skytap Cloud CI Plugin
Skytap Cloud CI Plugin stores credentials in job config.xml files as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form by Skytap Cloud CI Plugin 2.07 and earlier. These credentials could be viewed by...
GHSA-VP26-4HJ6-JRVX Skytap Cloud CI Plugin stored credentials in plain text
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
Skytap Cloud CI Plugin stored credentials in plain text
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CloudBees Jenkins Skytap Cloud CI Plugin Information Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Skytap Cloud CI Plugin is used in one of the plug-in for...
CVE-2020-2157
Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
Code injection
Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-2157
CVE-2020-2157 affects Jenkins Skytap Cloud CI Plugin, versions 2.07 and earlier. The underlying issue is that credentials are transmitted in plain text as part of job configuration forms, while stored encrypted on disk in config.xml. This can lead to exposure, e.g., to users with Extended Read pe...
CVE-2020-2157
Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...
PT-2020-15375 · Jenkins · Jenkins Skytap Cloud Ci Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Skytap Cloud CI Plugin versions 2.07 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. The credentials are...
Jenkins Skytap Cloud CI Cleartext Storage of Credentials Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Jenkins Skytap Cloud CI. Authentication is required to exploit this vulnerability. The specific flaw exists within the Skytap Cloud CI plugin. The issue results from storing credentials in...
CloudBees Jenkins Skytap Cloud CI Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Skytap Cloud CI Plugin is used in one of the plug-in for...
CVE-2019-10366
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10366
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10366
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10366
CVE-2019-10366 affects the Jenkins Skytap Cloud CI Plugin up to version 2.06. The issue is that credentials were stored in plaintext in job config.xml files on the Jenkins master, allowing disclosure to users with Extended Read permission or anyone with access to the master filesystem. The connec...