Lucene search

4 matches found

Github Security Blog
added 2022/05/24 4:55 p.m. · 12 views

Jenkins Splunk Plugin Sandbox Bypass

Jenkins Splunk Plugin has a form validation HTTP endpoint used to validate a user-submitted Groovy script through compilation, which was not subject to sandbox protection. This allowed attackers with Overall/Read access to execute arbitrary code on the Jenkins controller by applying AST...

8.8 CVSS · 7.7 AI score · 0.00052 EPSS
Exploits 0 · References 5 · Affected Software 1
RedHat Linux
added 2019/04/10 6:34 p.m. · 2 views

jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin (SECURITY-1292)

A flaw was found in the Jenkins Script Security plugin through version 1.50. The fix for CVE-2019-1003000 was found to be incomplete. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code...

8.8 CVSS · 6.9 AI score · 0.94443 EPSS
Exploits 17 · References 5
Positive Technologies
added 2019/02/06 12:0 a.m. · 3 views

PT-2019-11304 · Jenkins · Jenkins Groovy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Groovy Plugin versions 2.0 and earlier

Description: A sandbox bypass issue allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint, resulting in arbitrary code execution on the Jenkins master JVM...

8.8 CVSS · 8.8 AI score · 0.0006 EPSS
Exploits 0 · References 5
OpenVAS
added 2010/05/28 12:0 a.m. · 15 views

Mandriva Update for mono MDVA-2010:155 (mono)

Check for the Version of mono. OpenVAS Vulnerability Test: Mandriva Update for mono MDVA-2010:155 mono. Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the term...

7.4 AI score
Exploits 0 · References 2