3 matches found
Unsafe Dependency Resolution
Overview org.jenkins-ci.plugins:script-security is a package that allows Jenkins administrators to control what in-process scripts can be run by less-privileged users. Affected versions of this package are vulnerable to Unsafe Dependency Resolution via Groovy AST transformation annotations during...
Script security bypass vulnerability in script-security
script-security 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations such as @CompileStatic and @TypeChecked that carry an extensions member, which causes Groovy to load and execute a script from the classpath at compile time, before the sandbox is applied. This ma...
jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative
A flaw was found in Jenkins Pipeline. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This allows users with Overall/Read permission, or able to control Jenkinsfile or...