Lucene search
+L

6 matches found

nessus
nessus
added 2026/05/04 12:0 a.m.7 views

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:0739)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0739 advisory. - jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin SECURITY-1292 CVE-2019-1003005 -...

9.9CVSS6AI score0.75594EPSS
Exploits7References14
redhatcve
redhatcve
added 2020/04/09 10:33 a.m.35 views

CVE-2019-1003005

A flaw was found in the Jenkins Script Security plugin through version 1.50. The fix for CVE-2019-1003000 was found to be incomplete. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code...

8.8CVSS0.9AI score0.98428EPSS
Exploits17References4
nessus
nessus
added 2019/04/11 12:0 a.m.36 views

RHEL 7 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:0739)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0739 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS8.7AI score0.75594EPSS
Exploits7References14
redhat
redhat
added 2019/04/10 6:34 p.m.54 views

Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins security update

An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.9CVSS7.6AI score0.75594EPSS
Exploits7References7
canvas
canvas
added 2019/03/08 9:29 p.m.113 views

Immunity Canvas: JENKINS_CHECKSCRIPT_RCE

Name| jenkinscheckscriptrce ---|--- CVE| CVE-2019-1003029 Exploit Pack| CANVAS Description| RCE on Jenkins checkScript Notes| CVE Name: CVE-2019-1003029 CVE-2019-1003005 CVE-2018-1000861 VENDOR: Jenkins NOTES: Groovy Plugin supports sandboxed Groovy expressions for its 'System Groovy'...

10CVSS0.5AI score0.98481EPSS
Exploits5
cve
cve
added 2019/02/06 4:0 p.m.125 views

CVE-2019-1003005

CVE-2019-1003005 describes a sandbox bypass in Jenkins Script Security Plugin (versions 1.50 and earlier) where an attacker with Overall/Read permission can supply a Groovy script to an HTTP endpoint, potentially leading to arbitrary code execution on the Jenkins master JVM. Public references (in...

8.8CVSS8.8AI score0.19042EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder