Back to search
CVE-2019-10458
Published: Oct 16, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code.
| Vendor | Product | Versions |
|---|---|---|
Jenkins project | Jenkins Puppet Enterprise Pipeline | affected 1.3.1 and earlier |
References
https://jenkins.io/security/advisory/2019-10-16/#SECURITY-918
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now