GHSA-99MF-F3QH-WQRP Improper Input Validation in Jenkins Pipeline: Groovy Plugin

🗓️ 24 May 2022 17:46:08Reported by GoogleType

osv🔗 osv.dev👁 17 Views

Improper Input Validation in Jenkins Pipeline: Groovy Plugin - Sandbox protection circumventio

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
Github Security Blog	Improper Input Validation in Jenkins Pipeline: Groovy Plugin	24 May 202217:08	–	github
NVD	CVE-2020-2109	12 Feb 202015:15	–	nvd
Cvelist	CVE-2020-2109	12 Feb 202014:35	–	cvelist
RedhatCVE	CVE-2020-2109	31 Mar 202008:49	–	redhatcve
Veracode	Sandbox Restrictions Bypass	19 Jun 202003:53	–	veracode
Prion	Code injection	12 Feb 202015:15	–	prion
CVE	CVE-2020-2109	12 Feb 202015:15	–	cve
RedHat Linux	Important: Red Hat Security Advisory: OpenShift Container Platform 4.3.35 jenkins-2-plugins security update	9 Sep 202015:23	–	redhat
RedHat Linux	Important: Red Hat Security Advisory: OpenShift Container Platform 4.4.z jenkins-2-plugins security update	29 Jun 202014:37	–	redhat
RedHat Linux	Important: Red Hat Security Advisory: OpenShift Container Platform 3.11 jenkins-2-plugins security update	17 Jun 202022:38	–	redhat

Osv

Node

jenkins script_security_pluginRange0–2.79

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-2109
github	www.github.com/jenkinsci/workflow-cps-plugin/commit/41cb4e05eed6a901d0c8a8b0a460111a64c5e179
github	www.github.com/jenkinsci/workflow-cps-plugin/commit/90b7f403882e1cab1dec49a011e377f440f8e003
jenkins	www.jenkins.io/security/advisory/2020-02-12/
openwall	www.openwall.com/lists/oss-security/2020/02/12/3

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 May 2022 17:08Current

8.6High risk

Vulners AI Score8.6

CVSS26.5

CVSS38.8

EPSS0.00475