5 matches found
RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:0964)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0964 advisory. - openshift/jenkins-plugin: Deserialization in snakeyaml YAML objects allows for remote code execution CVE-2020-2167 Note that Nessus has not...
RHEL 7 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:0964)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0964 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Securi...
CVE-2020-2167
Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
CVE-2020-2167
CVE-2020-2167 affects the Jenkins OpenShift Pipeline Plugin, with versions 1.0.56 and earlier vulnerable. The root cause is the YAML parser not restricting deserialization of arbitrary types, enabling remote code execution when a user provides YAML input to the plugin’s build step. Public records...
CVE-2020-2167
Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...