Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedHat Linux
RedHat Linuxadded 2023/03/06 9:1 a.m.6 views

jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

9.9CVSS6.1AI score0.00196EPSS
Exploits0References5
CVE
CVEadded 2022/10/19 12:0 a.m.127 views

CVE-2022-43406

CVE-2022-43406 is a sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and earlier. The issue allows attackers with permission to define untrusted Pipeline libraries to define and run sandboxed scripts, including Pipelines, enabling arbitrary c...

9.9CVSS9.5AI score0.00196EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2022/02/16 12:1 a.m.35 views

GHSA-7RCW-FWFH-2H2G Jenkins Pipeline: Deprecated Groovy Libraries Plugin Protection Mechanism Failure

Jenkins Pipeline: Deprecated Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create directories without canonicalization or sanitization. This allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins...

8.8CVSS8.7AI score0.00292EPSS
Exploits0References3
Rows per page
Query Builder