Lucene search
K

107 matches found

RedhatCVE
RedhatCVE
added 2017/07/14 10:24 a.m.38 views

CVE-2017-1000085

Subversion Plugin improperly checked permissions, requiring just Item/Build instead of Item/Configure when used. This allows a user to specify an attacker-controlled Subversion server which can then be used to collect credentials used by the Subversion plugin...

6.5CVSS4.2AI score0.01031EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/10/14 1:1 p.m.3 views

Jenkins: insecure storage of passwords in Subversion plugin (SECURITY-58)

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...

2.1CVSS5.8AI score0.00497EPSS
Exploits1References4
NVD
NVD
added 2014/05/08 2:29 p.m.19 views

CVE-2013-6372

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...

2.1CVSS6.2AI score0.00497EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2014/05/08 2:29 p.m.23 views

CVE-2013-6372

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...

2.1CVSS5.9AI score0.00497EPSS
Exploits1References4
Prion
Prion
added 2014/05/08 2:29 p.m.12 views

Design/Logic Flaw

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...

2.1CVSS6.7AI score0.00497EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2014/05/08 12:0 a.m.6 views

PT-2014-3100 · Jenkins · Jenkins Subversion Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Subversion plugin versions prior to 1.54 Description: The issue allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file, due to the storage of credentials using base64 encoding...

5.1CVSS5.9AI score0.00497EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2014/02/28 12:0 a.m.24 views

Jenkins < 1.545 Subversion Plugin Information Disclosure

The remote web server hosts a version of Jenkins that is affected by an information disclosure vulnerability that could allow a local attacker to obtain passwords and SSH private key passphrases related to accessing Subversion resources. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

2.1CVSS5.4AI score0.00497EPSS
Exploits1References2
Rows per page
Query Builder