Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift container platform vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2019-7609
Kibana versions prior to 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing ...
Elastic Kibana
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
15 Github repositories
10
CVSSv3
CVE-2018-14721
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
Fasterxml Jackson-databind 2.7.0
Fasterxml Jackson-databind
Fasterxml Jackson-databind 2.8.0
Fasterxml Jackson-databind 2.9.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Banking Platform 2.6.0
9.9
CVSSv3
CVE-2022-43401
A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and previous versions allows attackers with permission to define and run sandboxed scripts, including Pipelines, to ...
Jenkins Script Security
9.9
CVSSv3
CVE-2022-43402
A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Pipeline: Groovy Plugin 2802.v5ea_628154b_c2 and previous versions allows attackers with permission to define and run sandboxed scripts, including Pipelines, to b...
Jenkins Pipeline\\ Groovy
9.9
CVSSv3
CVE-2022-43403
A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and previous versions allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox pr...
Jenkins Script Security
9.9
CVSSv3
CVE-2022-43404
A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and previous versions allows attackers with permission to define and run sandboxed scripts, including...
Jenkins Script Security
9.9
CVSSv3
CVE-2022-43405
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin 612.v84da_9c54906d and previous versions allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protect...
Jenkins Groovy Libraries
9.9
CVSSv3
CVE-2022-43406
A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and previous versions allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sand...
Jenkins Groovy Libraries
9.9
CVSSv3
CVE-2019-16541
Jenkins JIRA Plugin 3.0.10 and previous versions does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.
Jenkins Jira
9.9
CVSSv3
CVE-2019-10431
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and previous versions related to the handling of default parameter expressions in constructors allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »