Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pipeline: groovy vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2019-10357
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and previous versions allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.
Jenkins Pipeline\\ Shared Groovy Libraries
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
662
VMScore
CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the ...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
2 EDB exploits
6 Github repositories
357
VMScore
CVE-2022-23109
Jenkins HashiCorp Vault Plugin 3.7.0 and previous versions does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy Plugin 2.85 or later is installed.
Jenkins Hashicorp Vault
570
VMScore
CVE-2018-1000408
A denial of service vulnerability exists in Jenkins 2.145 and previous versions, LTS 2.138.1 and previous versions in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances usi...
Jenkins Jenkins
668
VMScore
CVE-2019-1003040
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and previous versions allows malicious users to invoke arbitrary constructors in sandboxed scripts.
Jenkins Script Security
Redhat Openshift Container Platform 3.11
668
VMScore
CVE-2021-21696
Jenkins 2.318 and previous versions, LTS 2.303.2 and previous versions does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing attackers in control of agent processes to replace the code of a trusted library wi...
Jenkins Jenkins
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3