Jenkins pipeline groovy
This hub aggregates every CVE we track for Jenkins pipeline groovy, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
2
Critical
0
High
1
In CISA KEV
Severity distribution
CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 2 most recently published vulnerabilities affecting Jenkins pipeline groovy.
- CVE-2019-1003041A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.9.8
- CVE-2019-1003030A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able...KEV9.9
Product normalization is registry-driven with AI assist and human review. How it works