609 matches found
CVE-2020-2110
Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations...
Design/Logic Flaw
Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations...
CVE-2020-2110
Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations...
CVE-2020-2110
CVE-2020-2110 concerns the Jenkins Script Security Plugin (1.69 and earlier) where sandbox protection could be bypassed during script compilation by using AST transforming annotations on imports or inside other annotations. This vulnerability enables arbitrary code execution within sandboxed scri...
PT-2020-15317 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.69 and earlier Description: The issue allows sandbox protection to be circumvented during the script compilation phase. This can be achieved by applying AST transforming annotations to imports or by...
VulnCheck KEV: CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM...
jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security-plugin: handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security: Sandbox bypass vulnerability in Script Security Plugin
A flaw was found in the Jenkins Script Security plugin. Sandbox protection could be circumvented through default parameter expressions in constructors. This allowed attackers, able to specify and run sandboxed scripts, to execute arbitrary code in the context of the Jenkins master JVM. The highes...
jenkins-script-security-plugin: handling of property names in property expressions on the left-hand side of assignment expression leads to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security-plugin: handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security-plugin: handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security-plugin: handling of property names in property expressions on the left-hand side of assignment expression leads to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security: Sandbox bypass vulnerability in Script Security Plugin
A flaw was found in the Jenkins Script Security plugin. Sandbox protection could be circumvented through default parameter expressions in constructors. This allowed attackers, able to specify and run sandboxed scripts, to execute arbitrary code in the context of the Jenkins master JVM. The highes...
jenkins-script-security-plugin: handling of property names in property expressions on the left-hand side of assignment expression leads to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security: Sandbox bypass vulnerability in Script Security Plugin
A flaw was found in the Jenkins Script Security plugin. Sandbox protection could be circumvented through default parameter expressions in constructors. This allowed attackers, able to specify and run sandboxed scripts, to execute arbitrary code in the context of the Jenkins master JVM. The highes...
jenkins-script-security-plugin: handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts...
jenkins-script-security-plugin: handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...