Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins script security vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-2135
Sandbox protection in Jenkins Script Security Plugin 1.70 and previous versions could be circumvented through crafted method calls on objects that implement GroovyInterceptable.
Jenkins Script Security
6.5
CVSSv2
CVE-2020-2110
Sandbox protection in Jenkins Script Security Plugin 1.69 and previous versions could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations.
Jenkins Script Security
6.5
CVSSv2
CVE-2019-16538
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and previous versions related to the handling of default parameter expressions in closures allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
6.5
CVSSv2
CVE-2019-10458
Jenkins Puppet Enterprise Pipeline 1.3.1 and previous versions specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code.
Jenkins Puppet Enterprise Pipeline
6.5
CVSSv2
CVE-2019-10431
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and previous versions related to the handling of default parameter expressions in constructors allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
6.5
CVSSv2
CVE-2019-10417
Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom whitelist for script security that allowed malicious users to invoke arbitrary methods, bypassing typical sandbox protection.
Jenkins Kubernetes Pipeline
6.5
CVSSv2
CVE-2019-10418
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed malicious users to invoke arbitrary methods, bypassing typical sandbox protection.
Jenkins Kubernetes Pipeline
4.9
CVSSv2
CVE-2019-10393
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and previous versions related to the handling of method names in method call expressions allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
4.9
CVSSv2
CVE-2019-10394
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and previous versions related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
4.9
CVSSv2
CVE-2019-10399
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and previous versions related to the handling of property names in property expressions in increment and decrement expressions allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »