Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift 3.11 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-1000866
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and previous versions in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers w...
Jenkins Pipeline Groovy
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2019-1003002
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and previous versions in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pi...
Jenkins Pipeline Declarative
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
6.5
CVSSv2
CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the ...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
2 EDB exploits
6 Github repositories
4.3
CVSSv2
CVE-2019-1003012
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and previous versions in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/ma...
Jenkins Blue Ocean
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2019-1003031
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and previous versions in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
Jenkins Matrix Project
Redhat Openshift Container Platform 3.11
7.5
CVSSv2
CVE-2019-1003041
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and previous versions allows malicious users to invoke arbitrary constructors in sandboxed scripts.
Jenkins Pipeline Groovy
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2018-1000865
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and previous versions in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, i...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2019-1003001
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and previous versions in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/R...
Jenkins Pipeline Groovy
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
5.5
CVSSv2
CVE-2019-1003011
An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and previous versions in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/pl...
Jenkins Token Macro
Redhat Openshift Container Platform 3.11
3.5
CVSSv2
CVE-2019-1003013
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and previous versions in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.ja...
Jenkins Blue Ocean
Redhat Openshift Container Platform 3.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »