Lucene search
K

7 matches found

Veracode
Veracode
added 2025/12/13 4:43 a.m.9 views

Sandbox Protection Bypass

io.fabric8.pipeline:kubernetes-pipeline-arquillian-steps is vulnerable to Sandbox Protection Bypass. The vulnerability is due to an overly permissive custom script security whitelist, which allows an attacker to invoke arbitrary methods and bypass sandbox restrictions...

9.9CVSS8.5AI score0.01205EPSS
Exploits0References5Affected Software1
vulnersOsv
vulnersOsv
added 2022/10/19 7:0 p.m.7 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.openshift.jenkins:openshift-pipeline (>=1.0.14 <=1.0.57) +39 more potentially affected by CVE-2022-43401 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2660.vb_c0412dc4e6d)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =1.0.14, =1.3.0, =0.9.0, =1.22, =1.0, =1.0, =1.0, =0.1-beta-1, =0.1-beta-5, =1.9-beta-1, =2.3 and more Source cves: CVE-2022-43401 Source advisory: OSV:GHSA-7VR5-72W7-Q6JC...

9.9CVSS7.7AI score0.01211EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/24 4:56 p.m.5 views

io.fabric8.pipeline:kubernetes-pipeline-aggregator (=1.3) potentially affected by CVE-2019-10417 via io.fabric8.pipeline:kubernetes-pipeline-steps (=1.3)

io.fabric8.pipeline:kubernetes-pipeline-steps MAVEN version =1.3 is affected by a known vulnerability. The following packages have a transitive dependency on io.fabric8.pipeline:kubernetes-pipeline-steps and may be impacted: - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 Source cves:...

9.9CVSS7.2AI score0.01205EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/02/16 12:1 a.m.6 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +94 more potentially affected by CVE-2022-25173 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.92)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2022-25173 Source advisory: OSV:GHSA-4M7P-55JM-3VW...

8.8CVSS7.2AI score0.01444EPSS
Exploits0
CNVD
CNVD
added 2019/10/08 12:0 a.m.2 views

Unspecified Vulnerability in CloudBees Jenkins Kubernetes::Pipeline::Kubernetes Steps Plugin

CloudBees Jenkins Hudson Labs is a set of U.S. CloudBees company based on Java development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks.Kubernetes::Pipeline::Arquillian Steps Plugin is used in...

9.9CVSS7.5AI score0.01205EPSS
Exploits0References1
NVD
NVD
added 2019/09/25 4:15 p.m.60 views

CVE-2019-10418

Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

9.9CVSS9.6AI score0.01205EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/09/25 3:5 p.m.43 views

CVE-2019-10417

Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

9.6AI score0.01205EPSS
Exploits0References2
Rows per page
Query Builder