Lucene search
Veracode Vulnerability DatabaseVERACODE:39568HistoryMar 07, 2023 - 12:49 a.m.
Arbitrary Code Execution
2023-03-0700:49:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
arbitrary code execution
jenkins
vulnerability
software
EPSS
0.001
Percentile
47.2%
jenkins-2-plugins is vulnerable to Arbitrary Code Execution. An attacker can bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM through the maliciously crafted libraries or pipelines.
References
www.openwall.com/lists/oss-security/2022/10/19/3
access.redhat.com/errata/RHSA-2023:0777
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=2136374
docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%282%29
www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)
Related
osv
osv
nvd
nvd
CVE-2022-43405
2022-10-19 16:15:10
redhatcve
redhatcve
CVE-2022-43405
2022-10-20 06:17:16
github
github
alpinelinux
alpinelinux
CVE-2022-43405
2022-10-19 16:15:10
prion
prion
Security feature bypass
2022-10-19 16:15:00
cve
cve
CVE-2022-43405
2022-10-19 16:15:10
cvelist
cvelist
CVE-2022-43405
2022-10-19 00:00:00
nessus
nessus
RHCOS 4 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-01-24 00:00:00
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)
2024-04-28 00:00:00
redhat
redhat