32 matches found
CVE-2022-30946
A cross-site request forgery CSRF vulnerability in Jenkins Script Security Plugin 1158.v7c1b73a69a08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver...
CVE-2022-30946
A cross-site request forgery CSRF vulnerability in Jenkins Script Security Plugin 1158.v7c1b73a69a08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-1003040
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts...
PT-2019-2578 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.55 and earlier Description: The issue is related to a sandbox bypass vulnerability in the Jenkins Script Security Plugin, which is caused by incorrect type conversion. This allows a remote attacker to...
CloudBees Jenkins Script Security Plugin Sandbox Bypass Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A sandbox bypass vulnerabilit...
PT-2019-2298 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.52 and earlier Description: A sandbox bypass issue exists that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM by providing a Groovy script to an HTTP...
Security feature bypass
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result i...
Fedora Update for jenkins-script-security-plugin FEDORA-2015-5643
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : jenkins-script-security-plugin-1.13-2.fc21 / groovy-sandbox-1.8-1.fc21 / etc (2015-5637)
Fix CVE-2015-1806 SECURITY-125 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora Update for jenkins-script-security-plugin FEDORA-2015-5637
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...