4 matches found
CVE-2024-34145
A sandbox bypass vulnerability involving sandbox-defined classes that shadow specific non-sandbox-defined classes in Jenkins Script Security Plugin 1335.vf07d9ce377ae and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox...
CVE-2022-30945
Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines...
CVE-2022-30945
Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines...
PT-2022-20399 · Jenkins · Jenkins Pipeline: Groovy Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Groovy Plugin versions 2689.v434009a 31b f1 and earlier Description: The issue allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines. This could potentially be used to...