Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/06/24 8:39 p.m.11 views

CVE-2026-57283

A flaw was found in Jenkins Pipeline: Groovy Plugin. This cross-site request forgery CSRF vulnerability allows attackers to instantiate types related to job or system configuration. This could enable unauthorized modifications to the Jenkins environment...

6.5CVSS5.7AI score0.00158EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 2:17 p.m.2 views

CVE-2026-57284

Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline Snippet Generator, allowing attackers to instantiate types related to job or system configuration other than Pipeline steps...

4.3CVSS5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.3.35 jenkins-2-plugins (RHSA-2020:3616)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3616 advisory. - jenkins-script-security-plugin: sandbox protection bypass leads to execute arbitrary code in sandboxed scripts CVE-2019-16538 -...

8.8CVSS6.2AI score0.01428EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2025/03/04 2:39 p.m.11 views

jenkins-plugin/workflow-cps: Lack of Approval Check for Rebuilt Jenkins Pipelines

A flaw was found in the Jenkins Pipeline: Groovy Plugin jenkins-plugin/workflow-cps. This vulnerability allows attackers with Item/Build permission to rebuild a previous build whose main Jenkinsfile script is no longer approved, bypassing script approval checks via the rebuild action...

8CVSS5.7AI score0.0044EPSS
Exploits1References5
OSV
OSV
added 2024/11/13 9:15 p.m.7 views

CVE-2024-52550

Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main Jenkinsfile script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose Jenkinsfile script is no longer approv...

8CVSS5.4AI score
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/11/13 8:53 p.m.7 views

CVE-2024-52550

Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main Jenkinsfile script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose Jenkinsfile script is no longer approv...

8CVSS6.8AI score0.0044EPSS
Exploits1References1
CVE
CVE
added 2024/11/13 8:53 p.m.119 views

CVE-2024-52550

CVE-2024-52550 affects Jenkins Pipeline: Workflow CPS (and related Jenkins Pipeline/Groovy stack) where there is a lack of approval check for rebuilt Jenkins pipelines. The issue allows users with Item/Build permissions to rebuild a previous build whose Jenkinsfile is no longer approved. A PoC/ex...

8CVSS6.9AI score0.0044EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.10 views

Jenkins Pipeline Groovy Plugin 安全漏洞

Jenkins Pipeline is a set of plugins that support the implementation and integration of continuous delivery pipelines into Jenkins.Jenkins Pipeline: Groovy Plugin is vulnerable to a security feature issue that could be exploited by an attacker to load any Groovy source file on the class path of...

8.5CVSS7.8AI score0.01328EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.1 views

PT-2022-17115 · Jenkins · Jenkins Pipeline: Groovy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Groovy Plugin versions 2648.va9433432b33c and earlier Description: The issue allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system. This is because the plugin follows...

6.5CVSS7.2AI score0.01742EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.5 views

PT-2022-17112 · Jenkins · Jenkins Pipeline: Groovy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Groovy Plugin versions 2648.va9433432b33c and earlier Jenkins Pipeline: Groovy Plugin prior to 2656.vf7a e7b 75a 457 Jenkins Pipeline: Groovy Plugin version 2.94.1 Jenkins Pipeline: Groovy Plugin version 2.92.1 Description:...

8.8CVSS8.6AI score0.01444EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/06/17 10:38 p.m.4 views

jenkins-pipeline-groovy-plugin: sandbox protection bypass through default parameter expressions in CPS-transformed methods

Sandbox protection in Jenkins Pipeline: Groovy Plugin 2.78 and earlier can be circumvented through default parameter expressions in CPS-transformed methods...

8.8CVSS5.8AI score0.01267EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/03/25 12:0 a.m.5 views

PT-2019-2579 · Jenkins · Jenkins Pipeline: Groovy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Groovy Plugin versions 2.64 and earlier Description: The issue is related to a sandbox bypass vulnerability in the Jenkins Pipeline: Groovy Plugin, which is associated with incorrect type conversion. This allows attackers to...

10CVSS7.3AI score0.03366EPSS
Exploits0References11
CNVD
CNVD
added 2017/07/24 12:0 a.m.6 views

CloudBees Jenkins Pipeline: Groovy Plugin Remote Code Execution Vulnerability

CloudBees Jenkins Pipeline: Groovy Plugin is a U.S. CloudBees company's Java-based development of continuous integration tools in the process of building plug-ins . A remote code execution vulnerability exists in CloudBees Jenkins Pipeline: Groovy Plugin versions 2.36 and earlier. A remote attack...

8.8CVSS8.5AI score0.01608EPSS
Exploits0References1
Rows per page
Query Builder