5 matches found
aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9) +30 more potentially affected by CVE-2019-1003031 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=1.13)
org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.9.2-beta, =0.5, =1.28, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.4.2, =0.34, =1.561, =1.599 - org.jenkins-ci.plugins:Matrix-sorter-plugin =1.3 - org.jenkins-ci.plugins:build-blocker-plugin =1.7.3 and more Source cves:...
RHEL 7 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:0739)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0739 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins security update
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2019-1003031
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM...
CVE-2019-1003031
CVE-2019-1003031 describes a sandbox bypass in the Jenkins Matrix Project Plugin (versions up to 1.13) where an attacker with Job/Configure permission can execute arbitrary code on the Jenkins master JVM via FilterScript.java. This undermines containment of code execution with high impact on conf...