Lucene search
PRIOn knowledge basePRION:CVE-2022-43406HistoryOct 19, 2022 - 4:15 p.m.
Security feature bypass
2022-10-1916:15:00
PRIOn knowledge base
www.prio-n.com
2
security feature bypass
jenkins
pipeline
groovy libraries
sandbox bypass
vulnerability
attackers
permission
arbitrary code
jenkins controller jvm
A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
| CPE | Name | Operator | Version |
|---|---|---|---|
| groovy_libraries | eq | <= 583.vf3b-454e43966 |
Related
github
github
cve
cve
CVE-2022-43406
2022-10-19 16:15:10
nvd
nvd
CVE-2022-43406
2022-10-19 16:15:10
cvelist
cvelist
CVE-2022-43406
2022-10-19 00:00:00
redhatcve
redhatcve
CVE-2022-43406
2022-10-20 06:17:16
veracode
veracode
Arbitrary Code Execution
2023-03-07 00:49:40
osv
osv
alpinelinux
alpinelinux
CVE-2022-43406
2022-10-19 16:15:10
nessus
nessus
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)
2024-04-28 00:00:00
RHEL 8 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-04-28 00:00:00
redhat
redhat