Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-0894

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01601EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1130

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.01404EPSS
Exploits0References9
Veracode
Veracode
added 2022/04/21 12:42 a.m.24 views

OS Command Injection

jenkins-2-plugins is vulnerable to OS command injection. The vulnerability exists due to a lack of sanitization for distinct SCMs for the readTrusted step allowing an attacker with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents...

8.8CVSS3AI score0.01444EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2022/02/17 3:47 p.m.54 views

CVE-2022-25174

A flaw was found in Jenkins. The JenkinsPipeline: Shared Groovy Libraries uses the same checkout directories for distinct SCMs for Pipeline libraries. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. This...

8.8CVSS5.5AI score0.01443EPSS
Exploits0References3
OSV
OSV
added 2022/02/16 12:1 a.m.33 views

GHSA-7W2W-FWPF-9M4H Jenkins Pipeline: Deprecated Groovy Libraries Plugin Protection Mechanism Failure

Jenkins Pipeline: Deprecated Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same workspace directory for all checkouts of Pipeline libraries with the same name regardless of the SCM being used and the source of the library configuration. This allows attackers with Item/Configure...

8.8CVSS8.7AI score0.01601EPSS
Exploits0References3
NVD
NVD
added 2022/02/15 5:15 p.m.35 views

CVE-2022-25175

Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses the same checkout directories for distinct SCMs for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents...

8.8CVSS0.01404EPSS
Exploits0References1
Prion
Prion
added 2022/02/15 5:15 p.m.26 views

Security feature bypass

A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library alread...

6.5CVSS8.7AI score0.01601EPSS
Exploits0References1
Prion
Prion
added 2022/02/15 5:15 p.m.21 views

Design/Logic Flaw

Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses the same checkout directories for distinct SCMs for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents...

6.5CVSS8.5AI score0.01404EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/15 4:11 p.m.19 views

CVE-2022-25181

A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library alread...

9AI score0.01601EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2022/02/15 4:11 p.m.54 views

CVE-2022-25181

A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library alread...

8.8CVSS5.7AI score0.01601EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2022/02/15 4:10 p.m.47 views

CVE-2022-25173

Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file typically Jenkinsfile for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted...

8.8CVSS4.1AI score0.01444EPSS
Exploits0References2
Rows per page
Query Builder