9 matches found
EUVD-2022-2078
Malicious code in bioql PyPI...
GHSA-324H-2V7H-Q3XX RCE vulnerability in Jenkins Yaml Axis Plugin
Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure a multi-configuration Matrix job, or control the contents of a previously...
RCE vulnerability in Jenkins Yaml Axis Plugin
Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure a multi-configuration Matrix job, or control the contents of a previously...
CloudBees Jenkins Yaml Axis Plugin Code Issue Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Yaml Axis Plugin is used in one of the axis creation and...
CVE-2020-2179
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
Remote code execution
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
CVE-2020-2179
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
CVE-2020-2179
Jenkins Yaml Axis Plugin (versions ≤0.2.0) is affected by a remote code execution vulnerability due to the YAML parser not restricting deserialized types. Exploitation is possible when a user can configure a multi-configuration (Matrix) job or control contents of a job’s SCM repository. The issue...
PT-2020-15392 · Jenkins · Jenkins Yaml Axis Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Yaml Axis Plugin versions 0.2.0 and earlier Description: The issue results from the YAML parser not being configured to prevent the instantiation of arbitrary types, leading to a remote code execution vulnerability. This vulnerability...