QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-43406

Back to search

CVE-2022-43406

Published: Oct 19, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin 583.vf3b_454e43966 and earlier allows attackers with permission to define untrusted Pipeline libraries and to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

VendorProductVersions

Jenkins project

Jenkins Pipeline: Deprecated Groovy Libraries Plugin

affected
unspecified - <= 583.vf3b_454e43966

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now