Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pipeline: groovy vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2019-1003030
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and previous versions in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins mas...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 Github repository
8.8
CVSSv3
CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the ...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
2 EDB exploits
6 Github repositories
8.8
CVSSv3
CVE-2019-1003001
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and previous versions in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/R...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2019-1003002
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and previous versions in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pi...
Jenkins Pipeline\\ Declarative
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
6.5
CVSSv3
CVE-2018-1000408
A denial of service vulnerability exists in Jenkins 2.145 and previous versions, LTS 2.138.1 and previous versions in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances usi...
Jenkins Jenkins
8.8
CVSSv3
CVE-2018-1000866
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and previous versions in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers w...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3