pkg:maven/org.jenkins-ci.plugins/workflow-cps
Type
maven
Namespace
org.jenkins-ci.plugins
Name
workflow-cps
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/workflow-cps package.
High
8
Medium
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 2.59 |
CVE-2018-1000865
|
JENKINS:SECURITY-1186 | Sandbox Bypass in Script Security and Pipeline Groovy Plugins | high |
2018-10-29T00:00:00
(5 years ago) |
|
Fixed | = 2.60 |
CVE-2018-1000865
|
JENKINS:SECURITY-1186 | Sandbox Bypass in Script Security and Pipeline Groovy Plugins | high |
2018-10-29T00:00:00
(5 years ago) |
|
Affected | <= 2.61 |
CVE-2019-1003000
CVE-2019-1003001 CVE-2019-1003002 |
JENKINS:SECURITY-1266 | Sandbox Bypass in Script Security and Pipeline Plugins | high |
2019-01-08T00:00:00
(5 years ago) |
|
Fixed | = 2.61.1 |
CVE-2019-1003000
CVE-2019-1003001 CVE-2019-1003002 |
JENKINS:SECURITY-1266 | Sandbox Bypass in Script Security and Pipeline Plugins | high |
2019-01-08T00:00:00
(5 years ago) |
|
Affected | <= 2.63 |
CVE-2019-1003030
|
JENKINS:SECURITY-1336-2 | Sandbox bypass in Pipeline: Groovy Plugin | high |
2019-03-06T00:00:00
(5 years ago) |
|
Fixed | = 2.64 |
CVE-2019-1003030
|
JENKINS:SECURITY-1336-2 | Sandbox bypass in Pipeline: Groovy Plugin | high |
2019-03-06T00:00:00
(5 years ago) |
|
Affected | <= 2.64 |
CVE-2019-1003040
|
JENKINS:SECURITY-1353 | Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin | high |
2019-03-25T00:00:00
(5 years ago) |
|
Fixed | = 2.65 |
CVE-2019-1003040
|
JENKINS:SECURITY-1353 | Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin | high |
2019-03-25T00:00:00
(5 years ago) |
|
Affected | <= 2.78 |
CVE-2020-2109
|
JENKINS:SECURITY-1710 | Sandbox bypass via default method parameter expression in `workflow-cps` | high |
2020-02-12T00:00:00
(4 years ago) |
|
Fixed | = 2.79 |
CVE-2020-2109
|
JENKINS:SECURITY-1710 | Sandbox bypass via default method parameter expression in `workflow-cps` | high |
2020-02-12T00:00:00
(4 years ago) |
|
Affected | <= 2648.va9433432b33c |
CVE-2022-25180
|
JENKINS:SECURITY-2443 | Sensitive information disclosure in `workflow-cps` | medium |
2022-02-15T00:00:00
(2 years ago) |
|
Fixed | = 2656.vf7a_e7b_75a_457 |
CVE-2022-25180
|
JENKINS:SECURITY-2443 | Sensitive information disclosure in `workflow-cps` | medium |
2022-02-15T00:00:00
(2 years ago) |
|
Affected | <= 2648.va9433432b33c |
CVE-2022-25173
CVE-2022-25174 CVE-2022-25175 |
JENKINS:SECURITY-2463 | OS command execution vulnerabilities in Pipeline-related plugins | high |
2022-02-15T00:00:00
(2 years ago) |
|
Fixed | = 2656.vf7a_e7b_75a_457 |
CVE-2022-25173
CVE-2022-25174 CVE-2022-25175 |
JENKINS:SECURITY-2463 | OS command execution vulnerabilities in Pipeline-related plugins | high |
2022-02-15T00:00:00
(2 years ago) |
|
Affected | <= 2648.va9433432b33c |
CVE-2022-25176
CVE-2022-25177 CVE-2022-25178 CVE-2022-25179 |
JENKINS:SECURITY-2613 | Vulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controller | medium |
2022-02-15T00:00:00
(2 years ago) |
|
Fixed | = 2656.vf7a_e7b_75a_457 |
CVE-2022-25176
CVE-2022-25177 CVE-2022-25178 CVE-2022-25179 |
JENKINS:SECURITY-2613 | Vulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controller | medium |
2022-02-15T00:00:00
(2 years ago) |
|
Affected | <= 2802.v5ea_628154b_c2 |
CVE-2022-43401
|
JENKINS:SECURITY-2824-1 | Sandbox bypass vulnerabilities in Script Security Plugin and in Pipeline: Groovy Plugin | high |
2022-10-19T00:00:00
(23 months ago) |
|
Fixed | = 2803.v1a_f77ffcc773 |
CVE-2022-43401
|
JENKINS:SECURITY-2824-1 | Sandbox bypass vulnerabilities in Script Security Plugin and in Pipeline: Groovy Plugin | high |
2022-10-19T00:00:00
(23 months ago) |
|
Affected | <= 2689.v434009a_31b_f1 |
CVE-2022-30945
|
JENKINS:SECURITY-359 | Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in `workflow-cps` | high |
2022-05-17T00:00:00
(2 years ago) |
|
Fixed | = 2692.v76b_089ccd026 |
CVE-2022-30945
|
JENKINS:SECURITY-359 | Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in `workflow-cps` | high |
2022-05-17T00:00:00
(2 years ago) |