CVE-2026-57283

Source
https://cve.org/CVERecord?id=CVE-2026-57283
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-57283.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-57283
Published
2026-06-24T14:17:34.270Z
Modified
2026-07-15T06:10:11.010026Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier allows attackers to instantiate types related to job or system configuration other than Pipeline steps through the Pipeline Snippet Generator.

References

Affected packages

Git / github.com/jenkinsci/workflow-cps-plugin

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/workflow-cps-plugin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:jenkins:pipeline\\:_groovy:*:*:*:*:*:jenkins:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4331.v9d06ed4658ff"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

2633.*
2633.v6baeedc13805
2640.*
2640.v00e79c8113de
2644.*
2644.v29a793dac95a
2646.*
2646.v6ed3b5b01ff1
2648.*
2648.va9433432b33c
2656.*
2656.vf7a_e7b_75a_457
2659.*
2659.v52d3de6044d0
2660.*
2660.vb_c0412dc4e6d
2680.*
2680.vf642ed4fa_d55
2682.*
2682.va_473dcddc941
2683.*
2683.vd0a_8f6a_1c263
2686.*
2686.v7c37e0578401
2687.*
2687.v3f09155513c1
2688.*
2688.v39a_b_e5c49a_65
2689.*
2689.v434009a_31b_f1
2692.*
2692.v76b_089ccd026
2705.*
2705.v0449852ee36f
2706.*
2706.v71dd22b_c5a_a_2
2710.*
2710.vcd48b_b_9e0e7d
2725.*
2725.v7b_c717eb_12ce
2729.*
2729.vea_17b_79ed57a_
2746.*
2746.v0da_83a_332669
2759.*
2759.v87459c4eea_ca_
2784.*
2784.vd252824b_4eb_9
2801.*
2801.vf82a_b_b_e3e8a_5
2802.*
2802.v5ea_628154b_c2
3520.*
3520.va_8fc49e2f96f
3536.*
3536.vb_8a_6628079d5
3565.*
3565.v4b_d9b_8c29a_b_3
3581.*
3581.v2b_e4c99c76ed
3583.*
3583.v4f58de0d78d5
3601.*
3601.v9b_36a_d99e1cc
3606.*
3606.v0b_d8b_e512dcf
3611.*
3611.v201b_d9f9eb_f7
3616.*
3616.vb_2e7168f4b_0c
3618.*
3618.v13db_a_21f0fcf
3624.*
3624.v43b_a_38b_62b_b_7
3626.*
3626.v4eb_a_7d8b_2fa_4
3629.*
3629.v8177e69e359a_
3635.*
3635.vedb_8602eefa_c
3637.*
3637.v63b_c17e0ed5b_
3641.*
3641.vf58904a_b_b_5d8
3651.*
3651.ve2e99a_4f4a_e5
3653.*
3653.v07ea_433c90b_4
3659.*
3659.v582dc37621d8
3668.*
3668.v1763b_b_6ccffd
3673.*
3673.v5b_dd74276262
3691.*
3691.v28b_14c465a_b_b_
3693.*
3693.vd5c06270e4dc
3697.*
3697.vb_470e454c232
3705.*
3705.va_6a_c2775a_c17
3713.*
3713.vd671d4321509
3717.*
3717.va_180a_fe9d3cd
3722.*
3722.v85ce2a_c6240b_
3726.*
3726.v83f8cff396c9
3728.*
3728.vd5c88eef9154
3731.*
3731.ve4b_5b_857b_a_d3
3732.*
3732.vb_77c00a_57e12
3740.*
3740.v6d35b_4ed5f9f
3744.*
3744.v6f2c0fe0e54d
3767.*
3767.vdd3e0a_65b_ef3
3769.*
3769.v8b_e595e4d40d
3773.*
3773.v505e0052522c
3774.*
3774.v4a_d648d409ce
3785.*
3785.vee73da_b_9544e
3787.*
3787.v8f5dcd14a_fa_c
3791.*
3791.va_c0338ea_b_59c
3793.*
3793.v65dec41c3a_c3
3802.*
3802.vd42b_fcf00b_a_c
3805.*
3805.v769b_b_74b_db_14
3806.*
3806.va_3a_6988277b_2
3812.*
3812.vc3031a_b_a_c955
3817.*
3817.vd20b_7e2b_692b_
3821.*
3821.v9d3888c583b_1
3826.*
3826.v3b_5707fe44da_
3832.*
3832.vc43e04d6d68c
3835.*
3835.vc2a_8f9167e92
3837.*
3837.v305192405b_c0
3853.*
3853.vb_a_490d892963
3859.*
3859.v7f65cc865019
3867.*
3867.v535458ce43fd
3880.*
3880.vb_ef4b_5cfd270
3883.*
3883.vb_3ff2a_e3eea_f
3889.*
3889.v937e0b_3412d3
3894.*
3894.vd0f0248b_a_fc4
3903.*
3903.v48a_8836749e9
3908.*
3908.vd6b_b_5a_a_54010
3922.*
3922.va_f73b_7c4246b_
3943.*
3943.v3519a_3260660
3946.*
3946.v7935cb_edb_f82
3953.*
3953.v19f11da_8d2fa_
3961.*
3961.ve48ee2c44a_b_3
3964.*
3964.v0767b_4b_a_0b_fa_
3969.*
3969.vdc9d3a_efcc6a_
3975.*
3975.v567e2a_1ffa_22
3990.*
3990.vd281dd77a_388
3993.*
3993.v3e20a_37282f8
3996.*
3996.va_f5c1799f978
4000.*
4000.v5198556e9cea_
4002.*
4002.v80ca_d0f47d7f
4003.*
4003.vf9c56141493e
4007.*
4007.vd705fc76a_34e
4009.*
4009.v0089238351a_9
4011.*
4011.v91e9951fa_d5b_
4014.*
4014.vcd7dc51d8b_30
4018.*
4018.vf02e01888da_f
4030.*
4030.v7c3a_975886a_8
4032.*
4032.vf3248d9c3fee
4039.*
4039.vd58c465ea_71a_
4043.*
4043.va_fb_de6a_a_8b_f5
4045.*
4045.v0efb_cb_7cea_e9
4046.*
4046.v90b_1b_9edec67
4050.*
4050.v8b_a_69b_587c39
4080.*
4080.va_15b_44a_91525
4106.*
4106.v7a_8a_8176d450
4117.*
4117.vc0f3c515a_a_a_0
4146.*
4146.v475b_8013e282
4150.*
4150.ve20ca_b_a_a_2815
4151.*
4151.v5406e29e3c90
4165.*
4165.vf547819734da_
4168.*
4168.v7ea_f89c358b_d
4169.*
4169.vb_7e492a_1c7b_e
4173.*
4173.v4a_1fd14533f1
4175.*
4175.ve65b_fa_663eed
4177.*
4177.vb_203fe395445
4183.*
4183.v94b_6fd39da_c1
4204.*
4204.v2894b_cd7b_92f
4209.*
4209.v83c4e257f1e9
4218.*
4218.vff679a_5c0f3a_
4238.*
4238.va_6fb_65c1f699
4250.*
4250.v2eecc0881a_e6
4252.*
4252.v465f588eb_52f
4253.*
4253.vc894cd5750c6
4254.*
4254.v0c8e228524ea_
4255.*
4255.vd9c37f80fd8a_
4256.*
4256.v991a_f1991c03
4257.*
4257.vb_2e202808577
4258.*
4258.v55f7f1691526
4259.*
4259.vf653c2b_8a_b_69
4261.*
4261.va_1fa_c7e4db_da_
4262.*
4262.va_74628df1ff2
4263.*
4263.vd2edf31c1db_0
4275.*
4275.vb_0565eb_a_3d36
4285.*
4285.v8df38f05c3c5
4303.*
4303.v8fa_2a_581f0a_6
4315.*
4315.va_e456c4e7f4f
4331.*
4331.v9d06ed4658ff
workflow-cps-2.*
workflow-cps-2.0
workflow-cps-2.1
workflow-cps-2.10
workflow-cps-2.11
workflow-cps-2.12
workflow-cps-2.13
workflow-cps-2.14
workflow-cps-2.15
workflow-cps-2.16
workflow-cps-2.17
workflow-cps-2.18
workflow-cps-2.19
workflow-cps-2.2
workflow-cps-2.20
workflow-cps-2.21
workflow-cps-2.22
workflow-cps-2.23
workflow-cps-2.24
workflow-cps-2.25
workflow-cps-2.26
workflow-cps-2.27
workflow-cps-2.28
workflow-cps-2.29
workflow-cps-2.3
workflow-cps-2.30
workflow-cps-2.31
workflow-cps-2.32
workflow-cps-2.33
workflow-cps-2.34
workflow-cps-2.35
workflow-cps-2.36
workflow-cps-2.39
workflow-cps-2.4
workflow-cps-2.40
workflow-cps-2.41
workflow-cps-2.42
workflow-cps-2.43
workflow-cps-2.44
workflow-cps-2.45
workflow-cps-2.46
workflow-cps-2.47
workflow-cps-2.48
workflow-cps-2.49
workflow-cps-2.5
workflow-cps-2.50
workflow-cps-2.51
workflow-cps-2.52
workflow-cps-2.53
workflow-cps-2.54
workflow-cps-2.55
workflow-cps-2.56
workflow-cps-2.57
workflow-cps-2.58
workflow-cps-2.58-beta-1
workflow-cps-2.59
workflow-cps-2.6
workflow-cps-2.60
workflow-cps-2.61
workflow-cps-2.62
workflow-cps-2.63
workflow-cps-2.64
workflow-cps-2.65
workflow-cps-2.66
workflow-cps-2.67
workflow-cps-2.68
workflow-cps-2.69
workflow-cps-2.7
workflow-cps-2.70
workflow-cps-2.71
workflow-cps-2.72
workflow-cps-2.73
workflow-cps-2.74
workflow-cps-2.75
workflow-cps-2.76
workflow-cps-2.77
workflow-cps-2.78
workflow-cps-2.79
workflow-cps-2.8
workflow-cps-2.80
workflow-cps-2.81
workflow-cps-2.82
workflow-cps-2.83
workflow-cps-2.84
workflow-cps-2.85
workflow-cps-2.86
workflow-cps-2.87
workflow-cps-2.88
workflow-cps-2.89
workflow-cps-2.9
workflow-cps-2.90
workflow-cps-2.91
workflow-cps-2.92
workflow-cps-2.93
workflow-cps-2.94

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-57283.json"