Github Security Blog
added 2022/05/13 1:40 a.m., 19 views

Unsafe methods in the default list of approved signatures in Jenkins Script Security Plugin

The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than...

CVSS 6.5, AI score 6.8, EPSS 0.00066
Exploits 0, References 3, Affected Software 1
OSV
added 2022/05/13 1:40 a.m., 16 views

GHSA-M68X-CC2F-GR5H Unsafe methods in the default list of approved signatures in Jenkins Script Security Plugin

The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than...

CVSS 6.5, AI score 6.3, EPSS 0.00066
Exploits 0, References 2
OSV
added 2022/05/13 1:36 a.m., 12 views

GHSA-R5C7-QCC9-5V7M Jenkins Pipeline Classpath Step plugin allowed Script Security sandbox bypass

It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins...

CVSS 8.5, AI score 8.6, EPSS 0.00114
Exploits 0, References 3
Github Security Blog
added 2022/05/13 1:36 a.m., 14 views

Jenkins Pipeline Classpath Step plugin allowed Script Security sandbox bypass

It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins...

CVSS 8.5, AI score 6.9, EPSS 0.00114
Exploits 0, References 4, Affected Software 1
Github Security Blog
added 2022/05/13 1:15 a.m., 17 views

Jenkins Script Security Plugin sandbox bypass vulnerability

The previously implemented script security sandbox protections prohibiting the use of unsafe AST transforming annotations such as @Grab (2019-01-08 fix for SECURITY-1266) could be circumvented through use of various Groovy language features: - Use of AnnotationCollector - Import aliasing -...

CVSS 8.8, AI score 7.8, EPSS 0.00222
Exploits 0, References 6, Affected Software 1
OSV
added 2022/05/13 1:15 a.m., 29 views

GHSA-X6JX-CXG3-MGGH Jenkins Pipeline Declarative Plugin sandbox bypass vulnerability

Jenkins Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with...

CVSS 8.8, AI score 8.9, EPSS 0.93454
Exploits 9, References 8
Github Security Blog
added 2022/05/13 1:15 a.m., 22 views

Jenkins Pipeline Declarative Plugin sandbox bypass vulnerability

Jenkins Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with...

CVSS 8.8, AI score 7.9, EPSS 0.93454
Exploits 9, References 9, Affected Software 1
Github Security Blog
added 2022/05/13 1:15 a.m., 40 views

Protection Mechanism Failure in Jenkins Script Security Plugin

A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM...

CVSS 8.8, AI score 5.2, EPSS 0.94443
Exploits 15, References 10, Affected Software 1
OSV
added 2022/05/13 1:15 a.m., 2 views

GHSA-784J-H234-M56X Protection Mechanism Failure in Jenkins Script Security Plugin

A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM...

CVSS 8.8, AI score 7.2, EPSS 0.94443
Exploits 15, References 9
OSV
added 2022/05/13 1:15 a.m., 17 views

GHSA-3PV3-JJ4H-P528 Sandbox bypass vulnerability in Jenkins Script Security Plugin

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts...

CVSS 9.8, AI score 9.4, EPSS 0.01799
Exploits 0, References 7
Github Security Blog
added 2022/05/13 1:15 a.m., 30 views

Sandbox bypass vulnerability in Jenkins Script Security Plugin

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts...

CVSS 9.8, AI score 5, EPSS 0.01799
Exploits 0, References 7, Affected Software 1
Github Security Blog
added 2022/05/13 1:15 a.m., 23 views

Jenkins Groovy Plugin sandbox bypass vulnerability

A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.1 and earlier in pom.xml, src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM. Groovy Plugin 2.2 uses Script Security API...

CVSS 8.8, AI score 5.3, EPSS 0.00093
Exploits 0, References 5, Affected Software 1
OSV
added 2022/05/13 1:15 a.m., 14 views

GHSA-FM3J-R98G-97JH Jenkins Groovy Plugin sandbox bypass vulnerability

A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.1 and earlier in pom.xml, src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM. Groovy Plugin 2.2 uses Script Security API...

CVSS 8.8, AI score 9, EPSS 0.00093
Exploits 0, References 4
OSV
added 2022/05/13 1:00 a.m., 4 views

GHSA-XVXQ-HQ48-XPHM Sandbox bypass in Script Security Plugin

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with...

CVSS 9.9, AI score 7.5, EPSS 0.92647
Exploits 3, References 7
Github Security Blog
added 2022/05/13 1:00 a.m., 34 views

Sandbox bypass in Script Security Plugin

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with...

CVSS 9.9, AI score 5, EPSS 0.92647
Exploits 3, References 7, Affected Software 1
Github Security Blog
added 2022/05/13 1:00 a.m., 28 views

Sandbox Bypass in Script Security Plugin

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result i...

CVSS 8.8, AI score 2.6, EPSS 0.74186
Exploits 3, References 6, Affected Software 1
CISA KEV Catalog
added 2022/04/25 12:00 a.m., 38 views

Jenkins Script Security Plugin Sandbox Bypass Vulnerability

Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox...

CVSS 9.9, AI score 2.8, EPSS 0.92647
In wild, Exploits 3
UbuntuCve
added 2022/04/07 12:00 a.m., 33 views

CVE-2022-28284

SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...

CVSS 8.8, AI score 7.2, EPSS 0.00328
Exploits 0, References 3
VulnCheck KEV
added 2021/10/13 12:00 a.m., 1 view

VulnCheck KEV: CVE-2019-1003029

Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox...

CVSS 9.9, AI score 7.4, EPSS 0.92647
Exploits 3, References 1
Rapid7 Blog
added 2021/08/02 1:16 p.m., 140 views

3 Steps to Integrate Rapid7 Products Into the DevSecOps Cycle

DevSecOps is the concept and practice of integrating security into the DevOps cycle. The idea is to bring the different phases of security into the DevOps model and try to automate the entire process, so security is integrated directly into the initial application builds. In this post, we’ll take...

AI score 7
Exploits 0