Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.9 views

CVE-2019-16558

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...

8.2CVSS6.8AI score0.00592EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1414

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.00642EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2000

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00592EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47150

Malicious code in bioql PyPI...

3.8CVSS6.6AI score0.00295EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/05/14 9:31 p.m.7 views

Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

5.9CVSS6.7AI score0.00199EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.43 views

Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.8AI score0.00417EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/06 5:15 p.m.7 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.6AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/06 5:2 p.m.15 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.7AI score0.00417EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/16 12:0 a.m.50 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.17 Multiple Vulnerabilities (CloudBees Security Advisory 2023-05-16)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.17. It is, therefore, affected by multiple vulnerabilities including the following: - CSRF vulnerability and missing permission checks in Code Dx Plugin CVE-2023-2195,...

8.8CVSS6.2AI score0.72358EPSS
Exploits0References37
OSV
OSV
added 2022/05/24 4:47 p.m.19 views

GHSA-XMQV-PFW7-QMJ7 Jenkins ElectricFlow Plugin globally and unconditionally disabled SSL/TLS certificate validation

CloudBees CD Plugin unconditionally disabled SSL/TLS certificate validation for the entire Jenkins controller JVM during the deployment/publication of an application. CloudBees CD Plugin no longer does that. Instead, the existing opt-in option to ignore SSL/TLS errors is used during deployment fo...

6.5CVSS6.5AI score0.01303EPSS
Exploits0References5
NVD
NVD
added 2022/03/29 1:15 p.m.15 views

CVE-2022-28142

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

7.5CVSS0.00642EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/11/19 12:0 a.m.40 views

Debian DSA-5011-1 : salt - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5011 advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allo...

9.8CVSS7.1AI score0.92312EPSS
Exploits9References29
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.60 views

SUSE SLES11 Security Update : salt (SUSE-SU-2021:14650-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14650-1 advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process...

9.8CVSS7.1AI score0.92312EPSS
Exploits8References33
Tenable Nessus
Tenable Nessus
added 2019/03/26 12:0 a.m.47 views

Amazon Linux AMI : python27 / python34,python35,python36 (ALAS-2019-1169)

A NULL pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enables SSL/TLS certificate validation and accep...

7.5CVSS7.2AI score0.20743EPSS
Exploits1References2
Rows per page
Query Builder