8 matches found
CVE-2020-2168
Jenkins Azure Container Service Plugin 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
GHSA-5QFF-7944-VQ4F RCE vulnerability in Jenkins Azure Container Service Plugin
Azure Container Service Plugin 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to provide YAML input files to Azure Container Service Plugin’s build step. Azur...
The vulnerability of the YAML syntax analyzer in the Jenkins Azure Container Service Plugin allows a perpetrator to execute arbitrary code.
The vulnerability of the YAML syntax analyzer in the Jenkins Azure Container Service Plugin is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CloudBees Jenkins Azure Container Service plugin code issue vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks.Azure Container Service Plugin is used in which an Azure...
CVE-2020-2168
Jenkins Azure Container Service Plugin 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
Remote code execution
Jenkins Azure Container Service Plugin 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
CVE-2020-2168
Jenkins Azure Container Service Plugin 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
CVE-2020-2168
CVE-2020-2168 affects the Jenkins Azure Container Service Plugin for Jenkins, with versions 1.0.1 and earlier. The root cause is that the plugin’s YAML parser does not restrict deserialization, allowing arbitrary types to be instantiated, which enables remote code execution (RCE). Impact is high ...