Vulnerabilities > Information Exposure

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-10-05 | CVE-2017-1000113 | Information Exposure vulnerability in Jenkins Deploy | The Deploy to container Plugin stored passwords unencrypted as part of its configuration. | local | low complexity | jenkins | CWE-200 | 5.5 |
| 2017-10-05 | CVE-2017-1000108 | Information Exposure vulnerability in Jenkins Pipeline-Input-Step | The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. | network | low complexity | jenkins | CWE-200 | 7.5 |
| 2017-10-05 | CVE-2017-1000100 | Information Exposure vulnerability in Haxx Libcurl | When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. | network | low complexity | haxx | CWE-200 | 6.5 |
| 2017-10-05 | CVE-2017-1000099 | Information Exposure vulnerability in Haxx Libcurl 7.54.1 | When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. | network | low complexity | haxx | CWE-200 | 6.5 |
| 2017-10-05 | CVE-2017-1000094 | Information Exposure vulnerability in Jenkins Docker Commons | Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with a Docker Registry. | network | low complexity | jenkins | CWE-200 | 6.5 |
| 2017-10-05 | CVE-2017-1000087 | Information Exposure vulnerability in Jenkins Github Branch Source | GitHub Branch Source provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use. | network | low complexity | jenkins | CWE-200 | 4.3 |
| 2017-10-04 | CVE-2017-14991 | Information Exposure vulnerability in Linux Kernel | The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0. | local | low complexity | linux | CWE-200 | 5.5 |
| 2017-10-04 | CVE-2017-1126 | Information Exposure vulnerability in IBM Integration BUS and Websphere Message Broker | IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. | network | low complexity | ibm | CWE-200 | 5.3 |
| 2017-10-04 | CVE-2017-11122 | Information Exposure vulnerability in multiple products | On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading. | network | low complexity | broadcom apple | CWE-200 | 7.5 |
| 2017-10-04 | CVE-2017-0825 | Information Exposure vulnerability in Google Android | An information disclosure vulnerability in the Broadcom wifi driver. | network | low complexity | google | CWE-200 | 7.5 |