VYPR

Pipeline\

by Jenkins Project

CVEs (3)

  • CVE-2017-1000096HigOct 5, 2017
    risk 0.57cvss 8.8epss 0.02

    Arbitrary code execution due to incomplete sandbox protection: Constructors, instance variable initializers, and instance initializers in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular…

  • CVE-2017-1000089MedOct 5, 2017
    risk 0.35cvss 5.3epss 0.01

    Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins. The Pipeline: Build Step Plugin did not check the build authentication it was running as and allowed triggering any other project…

  • CVE-1999-0060Mar 16, 1998
    risk 0.04cvss epss 0.09

    Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.