4 matches found
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +93 more potentially affected by CVE-2019-1003041 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.6)
org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2019-1003041 Source advisory: OSV:GHSA-X74X-QF5J-3...
RHEL 7 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:1423)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1423 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins security update
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2019-1003041
CVE-2019-1003041 concerns a sandbox bypass in Jenkins Pipeline: Groovy Plugin (versions 2.64 and earlier). The vulnerability lets an attacker invoke arbitrary constructors within sandboxed scripts by escaping sandbox restrictions, enabling code execution paths outside the intended script sandbox....