5 matches found
org.jenkins-ci.plugins:seed (>=0.8.0 <=2.1.4) potentially affected by CVE-2019-1003034 via org.jenkins-ci.plugins:job-dsl (>=1.34 <=1.50)
org.jenkins-ci.plugins:job-dsl MAVEN version =1.34, =0.8.0, =2.1.4 Source cves: CVE-2019-1003034 Source advisory: OSV:GHSA-5R74-PGMQ-92MM...
RHEL 7 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:0739)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0739 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins security update
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2019-1003034
A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and earlier in job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslWhitelist.groovy,...
CVE-2019-1003034
CVE-2019-1003034 is a sandbox bypass in the Jenkins Job DSL Plugin (affected in 1.71 and earlier) that can let attackers with control over Job DSL definitions execute arbitrary code on the Jenkins master JVM. The connected advisories (GHSA-5R74-PGMQ-92MM and Red Hat RHSA-2019:0739) confirm a sand...