Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
JenkinsScript Security*

3 matches found

CVE
CVEadded 2022/11/15 8:15 p.m.312 views

CVE-2022-45379

Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.

7.5CVSS7.3AI score0.0008EPSS
CVE
CVEadded 2023/01/26 9:18 p.m.266 views

CVE-2023-24422

A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the J...

8.8CVSS9.1AI score0.00014EPSS
CVE
CVEadded 2022/05/17 3:15 p.m.132 views

CVE-2022-30946

A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.

4.3CVSS4.7AI score0.00047EPSS