Lucene search
GoogleOSV:GHSA-264W-XRR7-6QQGHistoryMay 24, 2022 - 5:12 p.m.
RCE vulnerability in Jenkins OpenShift Pipeline Plugin
2022-05-2417:12:40
Google
osv.dev
7
0.008 Low
EPSS
Percentile
81.9%
OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution (RCE) vulnerability exploitable by users able to provide YAML input files to OpenShift Pipeline Pluginβs build step. OpenShift Pipeline Plugin 1.0.57 configures its YAML parser to only instantiate safe types.
Related
prion
prion
Remote code execution
2020-03-25 17:15:00
cvelist
cvelist
CVE-2020-2167
2020-03-25 16:05:37
cve
cve
CVE-2020-2167
2020-03-25 17:15:15
redhat
redhat
nvd
nvd
CVE-2020-2167
2020-03-25 17:15:15
redhatcve
redhatcve
CVE-2020-2167
2020-03-25 22:01:26
osv
osv
CVE-2020-2167
2020-03-25 17:15:15
nessus
nessus
github
github
RCE vulnerability in Jenkins OpenShift Pipeline Plugin
2022-05-24 17:12:40
openvas
openvas
openSUSE: Security Advisory for ImageMagick (SUSE-SU-2023:3792-1)
2024-03-04 00:00:00