pkg:maven/org.jenkins-ci.plugins/workflow-cps-global-lib
Type
maven
Namespace
org.jenkins-ci.plugins
Name
workflow-cps-global-lib
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/workflow-cps-global-lib package.
High
6
Medium
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 2.14 |
CVE-2019-10357
|
 JENKINS:SECURITY-1422
|
Missing permission check in `workflow-cps-global-lib` | medium |
2019-07-31T00:00:00
(5 years ago) |
|
| Fixed | = 2.15 |
CVE-2019-10357
|
JENKINS:SECURITY-1422
|
Missing permission check in `workflow-cps-global-lib` | medium |
2019-07-31T00:00:00
(5 years ago) |
|
| Affected | <= 564.ve62a_4eb_b_e039 |
CVE-2022-29047
|
JENKINS:SECURITY-1951
|
Untrusted users can modify some Pipeline libraries in `workflow-cps-global-lib` | high |
2022-04-12T00:00:00
(2 years ago) |
|
| Fixed | = 566.vd0a_a_3334a_555 or 2.21.3 |
CVE-2022-29047
|
JENKINS:SECURITY-1951
|
Untrusted users can modify some Pipeline libraries in `workflow-cps-global-lib` | high |
2022-04-12T00:00:00
(2 years ago) |
|
| Affected | <= 552.vd9cc05b8a2e1 |
CVE-2022-25182
|
JENKINS:SECURITY-2422
|
Sandbox bypass vulnerability in `workflow-cps-global-lib` | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Fixed | = 561.va_ce0de3c2d69 |
CVE-2022-25182
|
JENKINS:SECURITY-2422
|
Sandbox bypass vulnerability in `workflow-cps-global-lib` | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Affected | <= 552.vd9cc05b8a2e1 |
CVE-2022-25181
|
JENKINS:SECURITY-2441
|
Sandbox bypass vulnerability in `workflow-cps-global-lib` | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Fixed | = 561.va_ce0de3c2d69 |
CVE-2022-25181
|
JENKINS:SECURITY-2441
|
Sandbox bypass vulnerability in `workflow-cps-global-lib` | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Affected | <= 552.vd9cc05b8a2e1 |
CVE-2022-25173
CVE-2022-25174 CVE-2022-25175 |
JENKINS:SECURITY-2463
|
OS command execution vulnerabilities in Pipeline-related plugins | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Fixed | = 561.va_ce0de3c2d69 |
CVE-2022-25173
CVE-2022-25174 CVE-2022-25175 |
JENKINS:SECURITY-2463
|
OS command execution vulnerabilities in Pipeline-related plugins | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Affected | <= 552.vd9cc05b8a2e1 |
CVE-2022-25183
|
JENKINS:SECURITY-2586
|
Sandbox bypass vulnerability in `workflow-cps-global-lib` | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Fixed | = 561.va_ce0de3c2d69 |
CVE-2022-25183
|
JENKINS:SECURITY-2586
|
Sandbox bypass vulnerability in `workflow-cps-global-lib` | high |
2022-02-15T00:00:00
(2 years ago) |
|
| Affected | <= 552.vd9cc05b8a2e1 |
CVE-2022-25176
CVE-2022-25177 CVE-2022-25178 CVE-2022-25179 |
JENKINS:SECURITY-2613
|
Vulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controller | medium |
2022-02-15T00:00:00
(2 years ago) |
|
| Fixed | = 561.va_ce0de3c2d69 |
CVE-2022-25176
CVE-2022-25177 CVE-2022-25178 CVE-2022-25179 |
JENKINS:SECURITY-2613
|
Vulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controller | medium |
2022-02-15T00:00:00
(2 years ago) |
|
| Affected | <= 583.vf3b_454e43966 |
CVE-2022-43405
CVE-2022-43406 |
JENKINS:SECURITY-2824-2
|
Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin and Pipeline: Deprecated Groovy Libraries Plugin | high |
2022-10-19T00:00:00
(23 months ago) |
|
| Fixed | = 588.v576c103a_ff86 |
CVE-2022-43405
CVE-2022-43406 |
JENKINS:SECURITY-2824-2
|
Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin and Pipeline: Deprecated Groovy Libraries Plugin | high |
2022-10-19T00:00:00
(23 months ago) |