Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
groovy vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-1003005
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP...
Jenkins Script Security
2 Github repositories
6.5
CVSSv2
CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the ...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
2 EDB exploits
6 Github repositories
6.5
CVSSv2
CVE-2019-1003002
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and previous versions in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pi...
Jenkins Pipeline\\ Declarative
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
6.5
CVSSv2
CVE-2019-1003001
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and previous versions in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/R...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
6.5
CVSSv2
CVE-2018-1000865
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and previous versions in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, i...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2018-1000866
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and previous versions in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers w...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2017-1000403
Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts.
Jenkins Speaks\\!
6.5
CVSSv2
CVE-2013-6366
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime().exec call.
Vmware Hyperic Hq 4.6.6
1 EDB exploit
6.4
CVSSv2
CVE-2018-1000408
A denial of service vulnerability exists in Jenkins 2.145 and previous versions, LTS 2.138.1 and previous versions in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances usi...
Jenkins Jenkins
5.5
CVSSv2
CVE-2019-3759
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products before 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limite...
Dell Rsa Identity Governance And Lifecycle 7.0.1
Dell Rsa Identity Governance And Lifecycle 7.0.2
Dell Rsa Identity Governance And Lifecycle 7.1.0
Dell Rsa Identity Governance And Lifecycle 7.1.1
Dell Rsa Via Lifecycle And Governance 7.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »