Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/05/13 1:40 a.m.5 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +87 more potentially affected by CVE-2017-1000096 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.36)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2017-1000096 Source advisory: OSV:GHSA-MHWQ-4MH7-F...

8.8CVSS6.7AI score0.01608EPSS
Exploits0
OSV
OSV
added 2017/10/05 1:29 a.m.3 views

CVE-2017-1000096

Arbitrary code execution due to incomplete sandbox protection: Constructors, instance variable initializers, and instance initializers in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular Jenkins users with...

8.8CVSS7.8AI score
Exploits0References2
CVE
CVE
added 2017/10/04 1:0 a.m.67 views

CVE-2017-1000096

CVE-2017-1000096 : Concrete details in the connected docs show an arbitrary code execution vulnerability in Jenkins Pipelines due to incomplete sandbox protection. Constructors, instance variable initializers, and instance initializers in Pipeline scripts were not subject to sandbox protection, e...

8.8CVSS9.1AI score0.01608EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2017/07/14 10:59 a.m.34 views

CVE-2017-1000096

The jenkins-plugin-script-security has incomplete sandbox protection which allows attackers to execute arbitrary code via constructors, instance variable initializers, and instance initializers in Pipeline scripts. Exploitation of this requires the attacker to have permission to configure Pipelin...

8.8CVSS4.2AI score0.01608EPSS
Exploits0References2
Rows per page
Query Builder