6 matches found
EUVD-2020-20493
Malware in sbrugna...
EUVD-2022-2158
Malicious code in bioql PyPI...
CVE-2020-27986
SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it...
SonarSource SonarQube 安全漏洞
SonarSource SonarQube is an open source code quality management system from SonarSource, Switzerland. A security vulnerability exists in SonarSource SonarQube versions prior to 9.9.5 LTA and 10.x versions prior to 10.5, which stems from the ability of a user with the administrator role to modify...
SonarSource SonarQube Information Disclosure Vulnerability (CNVD-2020-64787)
SonarSource SonarQube is an open source code quality management system from SonarSource Switzerland. An information disclosure vulnerability exists in SonarQube version 8.4.2.36762, which can be exploited by an attacker to discover plaintext SMTP, SVN, and GitLab credentials via an api set value...
CVE-2020-27986
SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it...