Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2022-43406
A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and previous versions allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sand...
Jenkins Groovy Libraries
9.9
CVSSv3
CVE-2020-14316
A flaw was found in kubevirt 0.29 and previous versions. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an malicious user to assume the privileges of the VM process on the host system. In worst-case scenar...
Kubevirt Kubevirt
Redhat Openshift Virtualization 1
9.9
CVSSv3
CVE-2019-16541
Jenkins JIRA Plugin 3.0.10 and previous versions does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.
Jenkins Jira
9.9
CVSSv3
CVE-2019-10431
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and previous versions related to the handling of default parameter expressions in constructors allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
9.9
CVSSv3
CVE-2019-10328
Jenkins Pipeline Remote Loader Plugin 1.4 and previous versions provided a custom whitelist for script security that allowed malicious users to invoke arbitrary methods, bypassing typical sandbox protection.
Jenkins Pipeline Remote Loader
9.9
CVSSv3
CVE-2019-1003029
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java th...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
5 Github repositories
9.9
CVSSv3
CVE-2019-1003030
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and previous versions in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins mas...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 Github repository
9.9
CVSSv3
CVE-2019-1003031
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and previous versions in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
Jenkins Matrix Project
Redhat Openshift Container Platform 3.11
9.9
CVSSv3
CVE-2019-1003034
A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and previous versions in job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslWhitelist.groo...
Jenkins Job Dsl
Redhat Openshift Container Platform 3.11
9.8
CVSSv3
CVE-2023-49569
A path traversal vulnerability exists in go-git versions prior to v5.11. This vulnerability allows an malicious user to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are us...
Go-git Project Go-git
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »