vulnerability
Jenkins Advisory 2015-02-27: Combination filter Groovy script unsecured
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | Nov 13, 2017 | Nov 13, 2017 | Mar 18, 2026 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Nov 13, 2017
Added
Nov 13, 2017
Modified
Mar 18, 2026
Description
The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code on the master via unspecified vectors.
Solutions
jenkins-lts-upgrade-1_596_1jenkins-upgrade-1_600
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.