Max CVSS | 6.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-1003001 | 6.5 |
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows atta
|
25-10-2023 - 18:16 | 22-01-2019 - 14:29 | |
CVE-2019-1003011 | 5.5 |
An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/j
|
25-10-2023 - 18:16 | 06-02-2019 - 16:29 | |
CVE-2019-1003012 | 4.3 |
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, b
|
25-10-2023 - 18:16 | 06-02-2019 - 16:29 | |
CVE-2019-1003013 | 3.5 |
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/ex
|
25-10-2023 - 18:16 | 06-02-2019 - 16:29 | |
CVE-2019-1003002 | 6.5 |
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permis
|
25-10-2023 - 18:16 | 22-01-2019 - 14:29 | |
CVE-2019-1003014 | 3.5 |
An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitr
|
25-10-2023 - 18:16 | 06-02-2019 - 16:29 | |
CVE-2019-1003000 | 6.5 |
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute ar
|
25-10-2023 - 18:16 | 22-01-2019 - 14:29 | |
CVE-2018-20103 | 5.0 |
An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaus
|
02-06-2022 - 14:15 | 12-12-2018 - 17:29 | |
CVE-2018-20102 | 5.0 |
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-
|
02-06-2022 - 14:15 | 12-12-2018 - 17:29 | |
CVE-2019-1003000 | 6.5 |
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute ar
|
29-09-2020 - 01:41 | 22-01-2019 - 14:29 | |
CVE-2019-1003001 | 6.5 |
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows atta
|
29-09-2020 - 01:40 | 22-01-2019 - 14:29 | |
CVE-2019-1003002 | 6.5 |
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permis
|
29-09-2020 - 01:40 | 22-01-2019 - 14:29 | |
CVE-2019-1003011 | 5.5 |
An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/j
|
29-09-2020 - 00:50 | 06-02-2019 - 16:29 | |
CVE-2018-1000866 | 6.5 |
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java tha
|
03-10-2019 - 00:03 | 10-12-2018 - 14:29 | |
CVE-2018-1000865 | 6.5 |
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the J
|
03-10-2019 - 00:03 | 10-12-2018 - 14:29 | |
CVE-2019-1003010 | 4.3 |
A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build reco
|
26-04-2019 - 14:01 | 06-02-2019 - 16:29 |