pkg:maven/org.jenkins-ci.plugins/workflow-cps

Type maven

Namespace org.jenkins-ci.plugins

Name workflow-cps

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/workflow-cps package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/workflow-cps

High 8

Medium 2

Type	Version	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 2.59	CVE-2018-1000865	JENKINS:SECURITY-1186	Sandbox Bypass in Script Security and Pipeline Groovy Plugins	high	2018-10-29T00:00:00 (5 years ago)
Fixed	= 2.60	CVE-2018-1000865	JENKINS:SECURITY-1186	Sandbox Bypass in Script Security and Pipeline Groovy Plugins	high	2018-10-29T00:00:00 (5 years ago)
Affected	<= 2.61	CVE-2019-1003000 CVE-2019-1003001 CVE-2019-1003002	JENKINS:SECURITY-1266	Sandbox Bypass in Script Security and Pipeline Plugins	high	2019-01-08T00:00:00 (5 years ago)
Fixed	= 2.61.1	CVE-2019-1003000 CVE-2019-1003001 CVE-2019-1003002	JENKINS:SECURITY-1266	Sandbox Bypass in Script Security and Pipeline Plugins	high	2019-01-08T00:00:00 (5 years ago)
Affected	<= 2.63	CVE-2019-1003030	JENKINS:SECURITY-1336-2	Sandbox bypass in Pipeline: Groovy Plugin	high	2019-03-06T00:00:00 (5 years ago)
Fixed	= 2.64	CVE-2019-1003030	JENKINS:SECURITY-1336-2	Sandbox bypass in Pipeline: Groovy Plugin	high	2019-03-06T00:00:00 (5 years ago)
Affected	<= 2.64	CVE-2019-1003040	JENKINS:SECURITY-1353	Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin	high	2019-03-25T00:00:00 (5 years ago)
Fixed	= 2.65	CVE-2019-1003040	JENKINS:SECURITY-1353	Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin	high	2019-03-25T00:00:00 (5 years ago)
Affected	<= 2.78	CVE-2020-2109	JENKINS:SECURITY-1710	Sandbox bypass via default method parameter expression in `workflow-cps`	high	2020-02-12T00:00:00 (4 years ago)
Fixed	= 2.79	CVE-2020-2109	JENKINS:SECURITY-1710	Sandbox bypass via default method parameter expression in `workflow-cps`	high	2020-02-12T00:00:00 (4 years ago)
Affected	<= 2648.va9433432b33c	CVE-2022-25180	JENKINS:SECURITY-2443	Sensitive information disclosure in `workflow-cps`	medium	2022-02-15T00:00:00 (2 years ago)
Fixed	= 2656.vf7a_e7b_75a_457	CVE-2022-25180	JENKINS:SECURITY-2443	Sensitive information disclosure in `workflow-cps`	medium	2022-02-15T00:00:00 (2 years ago)
Affected	<= 2648.va9433432b33c	CVE-2022-25173 CVE-2022-25174 CVE-2022-25175	JENKINS:SECURITY-2463	OS command execution vulnerabilities in Pipeline-related plugins	high	2022-02-15T00:00:00 (2 years ago)
Fixed	= 2656.vf7a_e7b_75a_457	CVE-2022-25173 CVE-2022-25174 CVE-2022-25175	JENKINS:SECURITY-2463	OS command execution vulnerabilities in Pipeline-related plugins	high	2022-02-15T00:00:00 (2 years ago)
Affected	<= 2648.va9433432b33c	CVE-2022-25176 CVE-2022-25177 CVE-2022-25178 CVE-2022-25179	JENKINS:SECURITY-2613	Vulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controller	medium	2022-02-15T00:00:00 (2 years ago)
Fixed	= 2656.vf7a_e7b_75a_457	CVE-2022-25176 CVE-2022-25177 CVE-2022-25178 CVE-2022-25179	JENKINS:SECURITY-2613	Vulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controller	medium	2022-02-15T00:00:00 (2 years ago)
Affected	<= 2802.v5ea_628154b_c2	CVE-2022-43401	JENKINS:SECURITY-2824-1	Sandbox bypass vulnerabilities in Script Security Plugin and in Pipeline: Groovy Plugin	high	2022-10-19T00:00:00 (23 months ago)
Fixed	= 2803.v1a_f77ffcc773	CVE-2022-43401	JENKINS:SECURITY-2824-1	Sandbox bypass vulnerabilities in Script Security Plugin and in Pipeline: Groovy Plugin	high	2022-10-19T00:00:00 (23 months ago)
Affected	<= 2689.v434009a_31b_f1	CVE-2022-30945	JENKINS:SECURITY-359	Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in `workflow-cps`	high	2022-05-17T00:00:00 (2 years ago)
Fixed	= 2692.v76b_089ccd026	CVE-2022-30945	JENKINS:SECURITY-359	Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in `workflow-cps`	high	2022-05-17T00:00:00 (2 years ago)