Lucene search
+L

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.41 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS8.1AI score0.99931EPSS
Exploits56References48
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.38 views

RHEL 8 : OpenShift Developer Tools and Services for OCP 4.12 (RHSA-2023:1064)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1064 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS6.9AI score0.03571EPSS
Exploits4References33
Tenable Nessus
Tenable Nessus
added 2024/04/23 12:0 a.m.41 views

RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

9.9CVSS8AI score0.99615EPSS
Exploits14References56
RedHat Linux
RedHat Linux
added 2023/03/06 9:1 a.m.118 views

Critical: Red Hat Security Advisory: OpenShift Developer Tools and Services for OCP 4.12 security update

An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.9CVSS6.7AI score0.03571EPSS
Exploits4References16
vulnersOsv
vulnersOsv
added 2022/10/19 7:0 p.m.6 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.qasymphony.ci.jenkins:qtest (>=1.3.0 <=1.4.6) +38 more potentially affected by CVE-2022-43406 via org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (>=0.1-beta-5 <=2.7)

org.jenkins-ci.plugins.workflow:workflow-cps-global-lib MAVEN version =0.1-beta-5, =1.9.2-beta, =1.3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =2.2.0, =1.0, =1.0, =1.0, =0.1-beta-5, =2.5 and more Source cves: CVE-2022-43406 Source advisory: OSV:GHSA-7QW2-H9GJ-HCVH...

9.9CVSS7.7AI score0.01095EPSS
Exploits0
CVE
CVE
added 2022/10/19 12:0 a.m.136 views

CVE-2022-43406

CVE-2022-43406 is a sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and earlier. The issue allows attackers with permission to define untrusted Pipeline libraries to define and run sandboxed scripts, including Pipelines, enabling arbitrary c...

9.9CVSS9.5AI score0.01095EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2022/10/19 12:0 a.m.34 views

CVE-2022-43406

A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b454e43966 and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute...

9.9CVSS5.4AI score0.01095EPSS
Exploits0References3
Rows per page
Query Builder