Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJenkinsCVELIST:CVE-2019-1003024
HistoryFeb 20, 2019 - 9:00 p.m.

CVE-2019-1003024

2019-02-2021:00:00
jenkins
www.cve.org

0.005 Low

EPSS

Percentile

77.3%

JSON

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

CNA Affected

[
  {
    "product": "Jenkins Script Security Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "status": "affected",
        "version": "1.52 and earlier"
      }
    ]
  }
]

Related

redhatcve 1
prion 1
nvd 1
osv 2
cve 1
veracode 1
github 1
redhat 1
nessus 1
redhatcve
redhatcve
CVE-2019-1003024
2020-04-03 14:12:41
prion
prion
Security feature bypass
2019-02-20 21:29:00
nvd
nvd
CVE-2019-1003024
2019-02-20 21:29:00
osv
osv
CVE-2019-1003024
2019-02-20 21:29:00
Jenkins Script Security Plugin sandbox bypass vulnerability
2022-05-13 01:15:21
cve
cve
CVE-2019-1003024
2019-02-20 21:29:00
veracode
veracode
Sandbox Protection Bypass
2019-05-16 03:58:57
github
github
Jenkins Script Security Plugin sandbox bypass vulnerability
2022-05-13 01:15:21
redhat
redhat
(RHSA-2019:0739) Important: Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins security update
2019-04-10 18:27:43
nessus
nessus
RHEL 7 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:0739)
2019-04-11 00:00:00

0.005 Low

EPSS

Percentile

77.3%

JSON
Related for CVELIST:CVE-2019-1003024
redhatcve1prion1nvd1osv2cve1veracode1github1redhat1nessus1