9 matches found
EUVD-2022-2078
Malicious code in bioql PyPI...
RCE vulnerability in Jenkins Yaml Axis Plugin
Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution (RCE) vulnerability exploitable by users able to configure a multi-configuration Matrix job, or control the contents of a previously...
GHSA-324H-2V7H-Q3XX RCE vulnerability in Jenkins Yaml Axis Plugin
Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution (RCE) vulnerability exploitable by users able to configure a multi-configuration Matrix job, or control the contents of a previously...
CloudBees Jenkins Yaml Axis Plugin Code Issue Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the U.S. company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some timed tasks. Yaml Axis Plugin is used in one of the axis creation and...
CVE-2020-2179
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
Remote code execution
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
CVE-2020-2179
Jenkins Yaml Axis Plugin (versions ≤0.2.0) is affected by a remote code execution vulnerability due to the YAML parser not restricting deserialized types. Exploitation is possible when a user can configure a multi-configuration (Matrix) job or control contents of a job’s SCM repository. The issue...
CVE-2020-2179
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
PT-2020-15392 · Jenkins · Jenkins Yaml Axis Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Yaml Axis Plugin versions 0.2.0 and earlier. Description: The issue results from the YAML parser not being configured to prevent the instantiation of arbitrary types, leading to a remote code execution vulnerability. This vulnerability...