CVE-2026-57284
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
4.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Description
Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline Snippet Generator, allowing attackers to instantiate types related to job or system configuration other than Pipeline steps.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-470
Source
NVD
Vendor
Jenkins Project
Product
Jenkins Pipeline: Groovy Plugin
Discussion (0)
Add Comment
No comments yet. Be the first!