Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2015-1806

The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code on the master via unspecified vectors.

  • Published: Oct 16, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-1806
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

Software From Fixed in
jenkins / jenkins - 1.580.3.x
jenkins / jenkins - 1.599.x
redhat / openshift - 3.1.x