CVE-2019-10380
N/A
N/A
Summary
Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Jenkins project | Jenkins Simple Travis Pipeline Runner Plugin | 1.0 and earlier | affected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- http://www.openwall.com/lists/oss-security/2019/08/07/1
- https://jenkins.io/security/advisory/2019-08-07/#SECURITY-922
References
- http://www.openwall.com/lists/oss-security/2019/08/07/1
- https://jenkins.io/security/advisory/2019-08-07/#SECURITY-922
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.