Search for packages
| purl | pkg:maven/org.jenkins-ci.plugins/job-dsl@1.72 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-zbbg-ynmr-rqcx | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and earlier in `job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy`, `job-dsl-plugin/build.gradle`, `job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslallow` `list.groovy`, `job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/SandboxDslScriptLoader.groovy` that allows attackers with control over Job DSL definitions to execute arbitrary code on the Jenkins master JVM. |
CVE-2019-1003034
GHSA-5r74-pgmq-92mm |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:01:20.937381+00:00 | GHSA Importer | Fixing | VCID-zbbg-ynmr-rqcx | https://github.com/advisories/GHSA-5r74-pgmq-92mm | 38.0.0 |
| 2026-04-01T13:10:14.038709+00:00 | GithubOSV Importer | Fixing | VCID-zbbg-ynmr-rqcx | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5r74-pgmq-92mm/GHSA-5r74-pgmq-92mm.json | 38.0.0 |
| 2026-04-01T12:50:19.740913+00:00 | GitLab Importer | Fixing | VCID-zbbg-ynmr-rqcx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.plugins/job-dsl/CVE-2019-1003034.yml | 38.0.0 |