6 matches found
EUVD-2022-5097
Malicious code in bioql PyPI...
CVE-2024-52554
Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override...
CVE-2024-52554
Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override...
CVE-2024-52554
CVE-2024-52554 affects the Jenkins plugin “Shared Library Version Override” for versions 17.v786074c9fce7 and earlier. The root cause is that folder-scoped library overrides are declared as trusted, so they are not executed inside the Script Security sandbox. This allows a user with Item/Configur...
CVE-2017-2650
It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins...
Design/Logic Flaw
It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins...