34 matches found
Jenkins Cadence vManager Plugin disables SSL/TLS and hostname verification
Jenkins Cadence vManager Plugin prior to version 2.7.1 disables SSL/TLS and hostname verification globally for the Jenkins master JVM. This issue is patched in 2.7.1...
CloudBees Jenkins XSS Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An XSS vulnerability exists i...
CVE-2020-2243
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...
CVE-2020-2243
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...
Cross site scripting
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...
CVE-2020-2243
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...
CVE-2020-2243
Jenkins Cadence vManager Plugin 3.0.4 and earlier is affected by CVE-2020-2243: it does not escape build descriptions in tooltips, causing a stored XSS vulnerability that can be exploited by attackers with Run/Update permission. Several connected sources confirm the issue and note that Cadence vM...
CVE-2020-2243
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...
CloudBees Jenkins Cadence vManager Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. company CloudBees. The product is mainly used to monitor the continuous software version of the release/test project and some timed execution of the task . Cadence vManager Plugin is use...
CVE-2019-10446
Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM...
CVE-2019-10446
Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM...
Design/Logic Flaw
Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM...
CVE-2019-10446
CVE-2019-10446 affects Jenkins Cadence vManager Plugin versions prior to 2.7.1, where SSL/TLS and hostname verification were disabled globally on the Jenkins master JVM. Root cause: the plugin trusts all certificates, weakening transport security. Impact stated across sources includes risk to con...
PT-2019-11840 · Jenkins · Jenkins Cadence Vmanager Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Cadence vManager Plugin versions prior to 2.7.1 Description: The issue concerns the disabling of SSL/TLS and hostname verification globally for the Jenkins master JVM. This affects the security of the Jenkins master JVM, potentially...