io.jenkins.plugins:pipeline-groovy-lib

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting io.jenkins.plugins:pipeline-groovy-libpage 1 of 1

CVE-2022-43405CRITICALCVSS 9.9EG 9.9✓ Fixed in 613.v9c41a_160233f
2022-10-19
vulnerable: 589.vb_a_b_4a_a_8c443c ... 612.v84da_9c54906d (7 versions)
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin 612.v84da_9c54906d and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines…
CVE-2022-43406CRITICALCVSS 9.9EG 9.9✓ Fixed in 613.v9c41a_160233f
2022-10-19
vulnerable: 589.vb_a_b_4a_a_8c443c ... 612.v84da_9c54906d (7 versions)
A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, includin…

Check whether io.jenkins.plugins:pipeline-groovy-lib is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for io.jenkins.plugins:pipeline-groovy-lib CVEs against the assets you own.

Start Free Scan →