Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.9 views

CVE-2019-16558

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...

8.2CVSS6.8AI score0.00592EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4836

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00323EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2000

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00592EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:36 a.m.9 views

CVE-2019-16543

Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.5CVSS6.7AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 5:3 p.m.24 views

GHSA-2J5W-CWC3-8HXW Improper Certificate Validation in Jenkins Spira Importer Plugin

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...

8.2CVSS8.3AI score0.00592EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 5:1 p.m.29 views

Plaintext Storage in Jenkins Spira Importer Plugin

Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.5CVSS3.8AI score0.00323EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2019/12/18 12:0 a.m.1 views

CloudBees Jenkins Spira Importer Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Spira Importer Plugin is used in one of the SpiraPla...

8.2CVSS6.9AI score0.00592EPSS
Exploits0References1
OSV
OSV
added 2019/12/17 3:15 p.m.5 views

CVE-2019-16558

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...

8.2CVSS7.3AI score0.00592EPSS
Exploits0References2
NVD
NVD
added 2019/12/17 3:15 p.m.16 views

CVE-2019-16558

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...

8.2CVSS8.3AI score0.00592EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/12/17 2:40 p.m.21 views

CVE-2019-16558

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...

8.3AI score0.00592EPSS
Exploits0References2
CVE
CVE
added 2019/12/17 2:40 p.m.62 views

CVE-2019-16558

CVE-2019-16558 affects the Jenkins Spira Importer Plugin, versions up to 3.2.3. The root cause is that the plugin disables SSL/TLS certificate validation in the Jenkins master JVM, allowing potential man-in-the-middle exposure. CVSS shows network attack with high impact on confidentiality (C) and...

8.2CVSS8.2AI score0.00592EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/12/17 12:0 a.m.7 views

PT-2019-14713 · Jenkins · Jenkins Spira Importer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Spira Importer Plugin versions 3.2.3 and earlier Description: The issue concerns the disabling of SSL/TLS certificate validation for the Jenkins master JVM. Recommendations: For Jenkins Spira Importer Plugin versions 3.2.3 and earlier...

8.2CVSS8AI score0.00592EPSS
Exploits0References4
CNVD
CNVD
added 2019/11/26 12:0 a.m.2 views

CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2020-17205)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Spira Importer Plugin is used in one of the SpiraPla...

5.5CVSS6.8AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2019/11/21 3:15 p.m.3 views

CVE-2019-16543

Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.5CVSS6.1AI score0.00323EPSS
Exploits0References2
NVD
NVD
added 2019/11/21 3:15 p.m.29 views

CVE-2019-16543

Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.5CVSS5.4AI score0.00323EPSS
Exploits0References2
Prion
Prion
added 2019/11/21 3:15 p.m.13 views

Design/Logic Flaw

Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

2.1CVSS5.4AI score0.00323EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/11/21 2:11 p.m.83 views

CVE-2019-16543

The CVE-2019-16543 entry affects Jenkins Spira Importer Plugin versions 3.2.2 and earlier, where credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master. This exposes sensitive credentials to anyone with access to the master filesystem. Concretely, the r...

5.5CVSS5.4AI score0.00323EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder