41 matches found
EUVD-2015-6436
Malware in sbrugna...
EUVD-2016-6663
Malware in sbrugna...
EUVD-2021-22728
Malware in sbrugna...
EUVD-2022-4279
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-36096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x...
CVE-2016-5724
Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles...
CVE-2019-16539
A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...
SUSE CVE-2019-16539
A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...
SUSE CVE-2020-1770
Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...
CVE-2022-45383
An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fabd860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission...
PT-2022-25948 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions 2022.3 through 2022.3.3 Description: A credential-exposure issue in the support-bundle mechanism allows remote attackers to access a subset of application data, including cleartext credentials. Recommendations: For...
GHSA-2CXG-448H-4WXJ Jenkins Support Core Plugin allowed users with Overall/Read permission to delete arbitrary files
Jenkins Support Core Plugin did not validate the paths submitted for the "Delete Support Bundles" feature. This allowed users to delete arbitrary files on the Jenkins controller file system accessible to the OS user account running Jenkins. Additionally, this endpoint did not perform a permission...
Missing permission check in Jenkins Support Core Plugin
A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...
CVE-2022-25187
Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle...
CVE-2021-36096
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions...
CVE-2021-36096
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions...
CVE-2021-36096
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions...
Design/Logic Flaw
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions...
UBUNTU-CVE-2021-36096
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions...
CVE-2021-36096
The CVE-2021-36096 issue affects OTRS packages where Generated Support Bundles may contain private S/MIME and PGP keys if the containing folder is not hidden. Affected products and versions: OTRS Community Edition 6.0.x (6.0.1+), OTRS 7.0.x (7.0.28+), and OTRS 8.0.x (8.0.15+). Root cause is infor...