3509 matches found
plugin: Lack of authentication mechanism in Git Plugin webhook
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository...
plugin: Non-constant time webhook signature comparison in GitHub Plugin
Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature...
SUSE CVE-2020-2249
Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
SUSE CVE-2020-8561
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the lo...
SUSE CVE-2021-22139
Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all...
SUSE CVE-2021-25735
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the No...
Malicious code in discord-webhhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx a522ed9d655b99f0a89ad26346dbec0997c88aff8a1b61e6b1a90036baf32040 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in discord-webbhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4b92b1c055ad690b59c2d82a30c0d9dfd336eea163997091176bf71f5a9ac24f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in disccord-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 556d9c4177efb792498eeb23768f40f84c9166c78648f57734328a67ea47fb3a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in discord-wehbook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b2a201cfdae2a231d7161911466ae8a53750e787cc7a4fcd3ba84cddab841df8 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1794 Malicious code in discord-wehbook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b2a201cfdae2a231d7161911466ae8a53750e787cc7a4fcd3ba84cddab841df8 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1769 Malicious code in disccord-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 556d9c4177efb792498eeb23768f40f84c9166c78648f57734328a67ea47fb3a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in discor-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx a12c804d3154068e2785a2d4e5f06230c2fc678a3f0ee7364a681258a68aab99 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in dsicord-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx fbde56c1db08589509241b0ca603dba62b42b397f36762de169f68fe7f8bf26c Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1792 Malicious code in discord-webook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 71ecf6fb771b9ea3bbea4f5b7b78892ccdcb73c207d05185baeb26865164ad07 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1800 Malicious code in discordd-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ec9b98af7a0f6a1f9a6e018eee4a99ce3be0fd25d50a4309a6b13c807a7aefb7 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in disocrd-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3aed39e8c45478c7ff72edb2dd0a63ffddf84515a55b1b41c9984133a5fbc5ad Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in discrd-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx a01a8e0beaa017a4d2c5e5527e2824d721ae88b0cd03fe6826ba1603546ff447 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1880 Malicious code in idscord-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8d5395c298e10f7af1908faa62f1c64f7d8aff8ca8719d7e08f6ec0fd74f8334 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in discrod-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 975fe99b53dad27b06b2a1337ff71fe927e03493cef89d9723baa1bbcc1fca84 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...