39 matches found
EUVD-2022-1379
Malicious code in bioql PyPI...
EUVD-2022-1382
Malicious code in bioql PyPI...
EUVD-2022-1474
Malicious code in bioql PyPI...
CVE-2022-28146
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter to its build steps...
CVE-2022-28147
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2022-28148
The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to obtain the contents of arbitrary files on Windows...
Jenkins Continuous Integration with Toad Edge Plugin访问控制错误漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An access control error vulnerability exis...
Jenkins Continuous Integration with Toad Edge Plugin任意文件读取漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker with Item/Configure privileges can read arbitrary files on the...
GHSA-8P4X-FQ8V-XHV4 Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter to its build steps...
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter to its build steps...
Cross-site Scripting (XSS) vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting XSS exploitable by attackers with Item/Configure permission or otherwise able to control report contents...
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin
The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to obtain the contents of arbitrary files on Windows...
GHSA-MC92-C859-JR66 Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin
The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to obtain the contents of arbitrary files on Windows...
GHSA-8HH2-RXM8-7FJ8 Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2022-28147
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2022-28145
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting XSS exploitable by attackers with Item/Configure permission or otherwise able to control report contents...
CVE-2022-28146
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter to its build steps...
CVE-2022-28145
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting XSS exploitable by attackers with Item/Configure permission or otherwise able to control report contents...
CVE-2022-28145
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting XSS exploitable by attackers with Item/Configure permission or otherwise able to control report contents...