249 matches found
CVE-2019-10400
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10394
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10393
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10394
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10400
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10399
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10393
The CVE-2019-10393 entry concerns a sandbox bypass in Jenkins Script Security Plugin (version 1.62 and earlier). The connected documents describe a flaw in how method names are handled in method call expressions, which could allow an attacker to bypass the sandbox and execute arbitrary code withi...
CVE-2019-10399
The CVE-2019-10399 entry concerns Jenkins Script Security Plugin (versions 1.62 and earlier). The root cause is in the handling of property names within property expressions in increment/decrement expressions, enabling attackers to execute arbitrary code within sandboxed scripts. The available co...
CVE-2019-10400
The connected advisories identify a sandbox bypass in Jenkins Script Security Plugin affecting versions 1.62 and earlier, caused by improper handling of subexpressions in increment/decrement expressions not involving assignment. Impact: attackers could run arbitrary code within sandboxed Groovy s...
PT-2019-11788 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.62 and earlier Description: A sandbox bypass issue related to the handling of property names in property expressions on the left-hand side of assignment expressions allows attackers to execute arbitra...
PT-2019-11793 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.62 and earlier Description: A sandbox bypass issue related to the handling of property names in property expressions in increment and decrement expressions allows attackers to execute arbitrary code i...
CloudBees Jenkins Script Security Plugin Security Feature Issue Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Script Security Plugin is used in one of the...
CloudBees Jenkins Script Security plugin security feature issue vulnerability (CNVD-2019-26374)
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Script Security Plugin is used in one of the...
CVE-2019-10356
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10355
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10355
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10356
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts...