Showing 1 - 2 of 2

CVE-2022-43404

Status Candidate

Overview

A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

Related Files

Red Hat Security Advisory 2023-1064-01: Posted Mar 6, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-1064-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site request forgery, cross site scripting, and deserialization vulnerabilities.; tags | advisory, vulnerability, xss, csrf; systems | linux, redhat; advisories | CVE-2022-29047, CVE-2022-30952, CVE-2022-42003, CVE-2022-42004, CVE-2022-43401, CVE-2022-43402, CVE-2022-43403, CVE-2022-43404, CVE-2022-43405, CVE-2022-43406, CVE-2022-43407, CVE-2022-43408, CVE-2022-43409, CVE-2022-43410; SHA-256 | 914201513c49c4a46c9069d550e5e5e2e0d399b05ba7a90a95a69e7651a59611; Download | Favorite | View

Red Hat Security Advisory 2023-0560-01: Posted Feb 9, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0560-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, cross site request forgery, cross site scripting, denial of service, deserialization, and improper authorization vulnerabilities.; tags | advisory, denial of service, vulnerability, xss, csrf; systems | linux, redhat; advisories | CVE-2020-7692, CVE-2022-25857, CVE-2022-30946, CVE-2022-30952, CVE-2022-30953, CVE-2022-30954, CVE-2022-36882, CVE-2022-36883, CVE-2022-36884, CVE-2022-36885, CVE-2022-43401, CVE-2022-43402, CVE-2022-43403, CVE-2022-43404; SHA-256 | 87d74e099c44a8fba916939b5b695bf11f9ee4557c7c18075edde2249576eb5c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 119 files
Ubuntu 103 files
Debian 15 files
Rafael Pedrero 11 files
Apple 9 files
Google Security Research 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files
Ivan Fratric 5 files

File Archives

Systems

AIX (426)
Apple (1,960)
BSD (372)
CentOS (56)
Cisco (1,919)
Debian (6,715)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,153)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,930)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,462)
UNIX (9,208)
UnixWare (185)
Windows (6,533)
Other

CVE-2022-43404

Overview

Related Files

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems