Lucene search
+L

32 matches found

RedhatCVE
RedhatCVE
added 2022/08/19 4:38 a.m.56 views

CVE-2022-30946

A cross-site request forgery CSRF vulnerability in Jenkins Script Security Plugin 1158.v7c1b73a69a08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver...

4.3CVSS1.7AI score0.0061EPSS
Exploits0References4
OSV
OSV
added 2022/05/17 3:15 p.m.22 views

CVE-2022-30946

A cross-site request forgery CSRF vulnerability in Jenkins Script Security Plugin 1158.v7c1b73a69a08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver...

4.3CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2019/11/21 3:15 p.m.23 views

Security feature bypass

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts...

6.5CVSS8.9AI score0.01428EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/07/31 1:15 p.m.28 views

Security feature bypass

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts...

6.5CVSS8.9AI score0.025EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2019/03/28 5:59 p.m.56 views

CVE-2019-1003040

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts...

9.6AI score0.03366EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/03/25 12:0 a.m.4 views

PT-2019-2578 · Jenkins · Jenkins Script Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.55 and earlier Description: The issue is related to a sandbox bypass vulnerability in the Jenkins Script Security Plugin, which is caused by incorrect type conversion. This allows a remote attacker to...

10CVSS6.7AI score0.03366EPSS
Exploits0References12
CNVD
CNVD
added 2019/02/22 12:0 a.m.40 views

CloudBees Jenkins Script Security Plugin Sandbox Bypass Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A sandbox bypass vulnerabilit...

8.8CVSS7.9AI score0.0299EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/02/19 12:0 a.m.9 views

PT-2019-2298 · Jenkins · Jenkins Script Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.52 and earlier Description: A sandbox bypass issue exists that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM by providing a Groovy script to an HTTP...

8.8CVSS8.9AI score0.0299EPSS
Exploits0References12
Prion
Prion
added 2019/02/06 4:29 p.m.36 views

Security feature bypass

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result i...

6.5CVSS8.8AI score0.19042EPSS
Exploits3References3Affected Software1
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.19 views

Fedora Update for jenkins-script-security-plugin FEDORA-2015-5643

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.02523EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/04/20 12:0 a.m.43 views

Fedora 21 : jenkins-script-security-plugin-1.13-2.fc21 / groovy-sandbox-1.8-1.fc21 / etc (2015-5637)

Fix CVE-2015-1806 SECURITY-125 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

6.5CVSS8.2AI score0.02523EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/04/19 12:0 a.m.37 views

Fedora Update for jenkins-script-security-plugin FEDORA-2015-5637

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.02523EPSS
Exploits0References2
Rows per page
Query Builder