17 matches found
CVE-2019-16558
Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...
EUVD-2022-4836
Malicious code in bioql PyPI...
EUVD-2022-2000
Malicious code in bioql PyPI...
CVE-2019-16543
Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
GHSA-2J5W-CWC3-8HXW Improper Certificate Validation in Jenkins Spira Importer Plugin
Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...
Plaintext Storage in Jenkins Spira Importer Plugin
Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CloudBees Jenkins Spira Importer Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Spira Importer Plugin is used in one of the SpiraPla...
CVE-2019-16558
Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...
CVE-2019-16558
Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...
CVE-2019-16558
Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...
CVE-2019-16558
CVE-2019-16558 affects the Jenkins Spira Importer Plugin, versions up to 3.2.3. The root cause is that the plugin disables SSL/TLS certificate validation in the Jenkins master JVM, allowing potential man-in-the-middle exposure. CVSS shows network attack with high impact on confidentiality (C) and...
PT-2019-14713 · Jenkins · Jenkins Spira Importer Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Spira Importer Plugin versions 3.2.3 and earlier Description: The issue concerns the disabling of SSL/TLS certificate validation for the Jenkins master JVM. Recommendations: For Jenkins Spira Importer Plugin versions 3.2.3 and earlier...
CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2020-17205)
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Spira Importer Plugin is used in one of the SpiraPla...
CVE-2019-16543
Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-16543
Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-16543
The CVE-2019-16543 entry affects Jenkins Spira Importer Plugin versions 3.2.2 and earlier, where credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master. This exposes sensitive credentials to anyone with access to the master filesystem. Concretely, the r...