{"containers":{"cna":{"affected":[{"product":"Jenkins Simple Travis Pipeline Runner Plugin","vendor":"Jenkins project","versions":[{"status":"affected","version":"1.0 and earlier"}]}],"descriptions":[{"lang":"en","value":"Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code."}],"providerMetadata":{"orgId":"39769cd5-e6e2-4dc8-927e-97b3aa056f5b","shortName":"jenkins","dateUpdated":"2023-10-24T16:48:30.137Z"},"references":[{"name":"[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2019/08/07/1"},{"tags":["x_refsource_CONFIRM"],"url":"https://jenkins.io/security/advisory/2019-08-07/#SECURITY-922"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"jenkinsci-cert@googlegroups.com","ID":"CVE-2019-10380","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Jenkins Simple Travis Pipeline Runner Plugin","version":{"version_data":[{"version_value":"1.0 and earlier"}]}}]},"vendor_name":"Jenkins project"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-183"}]}]},"references":{"reference_data":[{"name":"[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2019/08/07/1"},{"name":"https://jenkins.io/security/advisory/2019-08-07/#SECURITY-922","refsource":"CONFIRM","url":"https://jenkins.io/security/advisory/2019-08-07/#SECURITY-922"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T22:17:20.571Z"},"title":"CVE Program Container","references":[{"name":"[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2019/08/07/1"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://jenkins.io/security/advisory/2019-08-07/#SECURITY-922"}]}]},"cveMetadata":{"assignerOrgId":"39769cd5-e6e2-4dc8-927e-97b3aa056f5b","assignerShortName":"jenkins","cveId":"CVE-2019-10380","datePublished":"2019-08-07T14:20:24.000Z","dateReserved":"2019-03-29T00:00:00.000Z","dateUpdated":"2024-08-04T22:17:20.571Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}