CVE-2019-10458
N/A
N/A
Summary
Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Jenkins project | Jenkins Puppet Enterprise Pipeline | 1.3.1 and earlier | affected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.