CPE-43C7F6FA-7F41-44D3-A4BB-A231B548AEFB Detail

CPE Details

Jenkins Script Security 1146.vdf547f19a 473 for Jenkins

Vendor

jenkins

Product

script_security

Version

1146.vdf547f19a_473

Created

2022-11-23
01h21 +00:00

Modified

2022-11-23
01h23 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:jenkins:script_security:1146.vdf547f19a_473:::::jenkins::

Informations

Vendor

jenkins

Product

script_security

Version

1146.vdf547f19a_473

Target Software

jenkins

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-24422	2023-01-24 00h00 +00:00	A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.	8.8	High
CVE-2022-45379	2022-11-14 23h00 +00:00	Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.	7.5	High
CVE-2022-43401	2022-10-18 22h00 +00:00	A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.	9.9	Critical
CVE-2022-43403	2022-10-18 22h00 +00:00	A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.	9.9	Critical
CVE-2022-43404	2022-10-18 22h00 +00:00	A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.	9.9	Critical
CVE-2022-30946	2022-05-17 12h05 +00:00	A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.	4.3	Medium

Jenkins Script Security 1146.vdf547f19a 473 for Jenkins

CPE Details

CPE Name: cpe:2.3:a:jenkins:script_security:1146.vdf547f19a_473:*:*:*:*:jenkins:*:*

Informations

Vendor

Product

Version

Target Software

Related CVE

CPE Name: cpe:2.3:a:jenkins:script_security:1146.vdf547f19a_473:::::jenkins::