Jenkins Pipeline: Declarative — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Pipeline: Declarative, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-1003002 — CVSS 8.8 (high): A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jen…
CVE-2024-52551 — CVSS 8.0 (high): Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to…