[Bug 1819095] CVE-2020-2109 jenkins-pipeline-groovy-plugin: sandbox protection bypass through default parameter expressions in CPS-transformed methods

Author:



A vulnerability was found in Jenkins Pipeline: Groovy Plugin 2.78 and earlier, where sandbox protection can be circumvented through default parameter expressions in CPS-transformed methods. Reference:

You need to log in before you can comment on or make changes to this bug.



Source link

You must be logged in to post a comment.

RELATED STORIES
Category Product Vulnerabilities

Everything we know about the SolarWinds incident

January 20, 2021
The story so far In December 2020 the widely used business software application Orion, a...
Read More
Category Product Vulnerabilities

FreakOut malware exploits critical bugs to infect Linux hosts

January 19, 2021
An active malicious campaign is currently targeting Linux devices running software with critical vulnerabilities that...
Read More
Category Product Vulnerabilities

CVE-2021-21250 Theonedev OneDev 安全漏洞 -漏洞情报、漏洞详情、安全漏洞、CVE

January 18, 2021
|漏洞详情 Theonedev Onedev是Theonedev团队的一个基于JAVA的多合一DevOps平台。该平台支持容器构建、编排、CI、Git管理、团队协作等功能,帮助开发者构建一个简单、功能强大的开发平台。 OneDev before version 4.0.3 存在安全漏洞,攻击者可利用该漏洞从文件系统中读取任意文件。 |参考资料 来源:nvd.nist.gov 链接:https://nvd.nist.gov/vuln/detail/CVE-2021-21250 Source link Is your...
Read More
Category Product Vulnerabilities

Bug in Windows 10 manda in crash il disco con… un’icona!

January 17, 2021
Bug in Windows 10 manda in crash il disco con… un’icona! Gen 15, 2021 Marco...
Read More
Category Product Vulnerabilities

CVE-2020-35687 PHPFusion 跨站请求伪造漏洞 -漏洞情报、漏洞详情、安全漏洞、CVE – 安全客,安全资讯平台

January 16, 2021
# Exploit Title: PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message) #...
Read More
Category Product Vulnerabilities

Node.js: Mehrere Schwachstellen

January 15, 2021
Version: 8. Neue Updates von SUSE aufgenommen; Version: 7. Neue Updates von SUSE aufgenommen; Version:...
Read More
Category Product Vulnerabilities

RedHat: RHSA-2021-0145:01 Moderate: Red Hat OpenShift Serverless Client kn>

January 14, 2021
Red Hat OpenShift Serverless Client kn 1.12.0 Red Hat Product Security has rated this update...
Read More
Category Product Vulnerabilities

CVE-2021-20616 – Alert Detail – Security Database

January 13, 2021
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
Category Product Vulnerabilities

CVE-2021-23240 – Alert Detail – Security Database

January 12, 2021
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
Category Product Vulnerabilities

CVE-2020-17509 – Alert Detail – Security Database

January 11, 2021
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact