Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:jenkins:job_dsl:1.10:*:*:*:*:jenkins:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-1003034 |
A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and earlier in job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslWhitelist.groovy, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/SandboxDslScriptLoader.groovy that allows attackers with control over Job DSL definitions to execute arbitrary code on the Jenkins master JVM. Published: March 08, 2019; 4:29:00 PM -0500 |
V4.0:(not available) V3.1: 9.9 CRITICAL V2.0: 6.5 MEDIUM |