Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

21 advisories

Loading
Sandbox bypass in Script Security Plugin Critical
CVE-2019-1003029 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022
westonsteimel
Sandbox bypass in Jenkins Pipeline: Groovy Plugin Critical
CVE-2019-1003030 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) May 13, 2022
westonsteimel
Script security sandbox bypass in Jenkins Email Extension Plugin Critical
CVE-2019-1003032 was published for org.jenkins-ci.plugins:email-ext (Maven) May 13, 2022
westonsteimel
Script security sandbox bypass in Matrix Project Plugin Critical
CVE-2019-1003031 was published for org.jenkins-ci.plugins:matrix-project (Maven) May 13, 2022
westonsteimel
Script security sandbox bypass in Jenkins Job DSL Plugin Critical
CVE-2019-1003034 was published for org.jenkins-ci.plugins:job-dsl (Maven) May 13, 2022
westonsteimel
Sandbox bypass vulnerability in Jenkins Script Security Plugin Critical
CVE-2020-2279 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
NotMyFault westonsteimel
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21690 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Unsafe entry in Script Security list of approved signatures in Pipeline Remote Loader Plugin Critical
CVE-2019-10328 was published for org.jenkins-ci.plugins:workflow-remote-loader (Maven) May 24, 2022
westonsteimel
isolated-vm has vulnerable CachedDataOptions in API Critical
CVE-2022-39266 was published for isolated-vm (npm) Sep 30, 2022
hedgehog80
Jenkins Pipeline: Groovy Plugin allows sandbox protection bypass and arbitrary code execution Critical
CVE-2022-43402 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Oct 19, 2022
Jenkins Script Security Plugin sandbox bypass vulnerability Critical
CVE-2022-43403 was published for org.jenkins-ci.plugins:script-security (Maven) Oct 19, 2022
User login brute force protection functionality bypass Critical Unreviewed
CVE-2022-27516 was published Nov 9, 2022
Sandbox escape in Jenkins Email Extension Plugin Critical
CVE-2023-25765 was published for org.jenkins-ci.plugins:email-ext (Maven) Feb 15, 2023
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An... Critical Unreviewed
CVE-2023-32493 was published Aug 16, 2023
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an... Critical Unreviewed
CVE-2023-31273 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API