RSS   Vulnerabilities for 'Artifactory'   RSS

2019-01-09
 
CVE-2018-1000424

CWE-255
 

 
An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 and earlier in ArtifactoryBuilder.java, CredentialsConfig.java that allows attackers with local file system access to obtain old credentials configured for the plugin before it integrated with Credentials Plugin.

 
2016-12-09
 
CVE-2016-6501

 

 
JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.

 


Copyright 2019, cxsecurity.com

 

Back to Top