10 matches found
Sandbox Protection Bypass
io.fabric8.pipeline:kubernetes-pipeline-arquillian-steps is vulnerable to Sandbox Protection Bypass. The vulnerability is due to an overly permissive custom script security whitelist, which allows an attacker to invoke arbitrary methods and bypass sandbox restrictions...
br.eti.clairton:ds-test (=0.4.0), com.bertoncelj.wildflysingletonservice:wildfly-singleton-service (>=1.1.0 <=1.2.1) +312 more potentially affected by CVE-2021-3642 via org.wildfly.security:wildfly-elytron (>=1.0.0.Alpha1 <=1.10.0.Final)
org.wildfly.security:wildfly-elytron MAVEN version =1.0.0.Alpha1, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0.Beta1, =1.0.0.Alpha4, =0.29.0.Final, =0.15.0.Final, =0.29.0.Final, =0.18.0.Final, =1.0.1.Final and more Source cves: CVE-2021-3642 Source advisory: OSV:GHSA-5499-QJVH-6...
org.wildfly.arquillian:wildfly-arquillian-container-bootable (=5.0.0.Alpha1), org.wildfly.arquillian:wildfly-arquillian-container-embedded (=5.0.0.Alpha1) +71 more potentially affected by CVE-2021-3642 via org.wildfly.security:wildfly-elytron (>=1.16.0.CR1 <=1.16.0.Final)
org.wildfly.security:wildfly-elytron MAVEN version =1.16.0.CR1, =1.16.0.Final is affected by a known vulnerability. The following packages have a transitive dependency on org.wildfly.security:wildfly-elytron and may be impacted: - org.wildfly.arquillian:wildfly-arquillian-container-bootable...
GHSA-F46P-Q6JH-226M Incorrect Authorization in Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...
Incorrect Authorization in Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...
CVE-2019-10418
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...
CVE-2019-10418
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...
CVE-2019-10418
The CVE-2019-10418 vulnerability affects the Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin. It stems from a custom script-security whitelist that improperly allowed invocation of arbitrary methods, bypassing the usual sandbox protections. Public references describe the issue and its i...
CVE-2019-10418
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...
PT-2019-11812 · Jenkins · Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin affected versions not specified Description: The issue allows attackers to invoke arbitrary methods, bypassing typical sandbox protection, due to a custom whitelist for script security...