5 matches found
RHCOS 4 : OpenShift Container Platform 4.8.56 (RHSA-2023:0017)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0017 advisory. - http2-server: Invalid HTTP/2 requests cause DoS CVE-2022-2048 - Libraries: Untrusted users can modify some Pipeline libraries in...
CVE-2022-30945
A flaw was found in Jenkins Groovy Plugin. The plugin allows pipelines to load Groovy source files. The intent is to allow Global Shared Libraries to execute without sandbox protection. The issue is that the plugin allows any Groovy source files bundled with Jenkins core and plugins to be loaded...
CVE-2022-30945
Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines...
CVE-2022-30945
CVE-2022-30945 affects the Jenkins Pipeline: Groovy Plugin. Affected objects: Plugin 2689.v434009a_31b_f1 and earlier. Root cause: the plugin allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins from sandboxed pipelines, bypassing sandbox protections. This enable...
CVE-2022-30945
Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines...