2 matches found
CVE-2019-10458
Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code...
CVE-2019-10458
Summary (facts from documents): Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier is affected by an unsafe Script Security whitelist that can let attackers executing Script Security protected scripts run arbitrary code. Affected component: Jenkins Puppet Enterprise Pipeline plugin; vulnerable ...