34 matches found
CVE-2019-1003029
CVE-2019-1003029 describes a sandbox bypass in Jenkins Script Security Plugin (versions ≤ 1.53) that lets attackers with Overall/Read permission execute arbitrary code on the Jenkins master JVM. Affected components are in the plugin’s Groovy sandbox: GroovySandbox.java and SecureGroovyScript.java...
CVE-2019-1003000
CVE-2019-1003000 is a sandbox bypass/remote code execution flaw in Jenkins via the Script Security Plugin (and depending on Groovy/Declarative plugins). Affected components include Script Security Plugin versions up to 1.49 and earlier, with vulnerable code in GroovySandbox.java that lets attacke...
CVE-2022-45379
CVE-2022-45379 affects Jenkins Script Security Plugin: versions 1189.vb_a_b_7c8fd5fde and earlier store whole-script approvals as the SHA-1 hash of the script, making them susceptible to SHA-1 collision attacks. Affected product: Jenkins Script Security Plugin (1189.vb_a_b_7c8fd5fde and earlier)....
CVE-2024-34144
CVE-2024-34144 affects Jenkins Script Security Plugin (1335.vf07d9ce377a_e and earlier). The vulnerability arises from crafted constructor bodies in the script sandbox, enabling sandbox bypass and execution of arbitrary code in the Jenkins controller JVM for users with scripting permissions. Conn...
CVE-2024-34145
CVE-2024-34145 is a sandbox bypass in Jenkins Script Security Plugin (pre-1335.vf07d9ce377a_e) that lets attackers with script permissions bypass sandbox protection and run arbitrary code in the Jenkins controller JVM via sandbox-defined classes shadowing non-sandbox-defined classes. Impact is ex...
CVE-2024-52549
CVE-2024-52549 affects Jenkins Script Security Plugin (1367.vdf2fc45f229c and earlier, with exceptions 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776). The issue is a missing permission check in a form-validation method, allowing attackers with Overall/Read permission to determine wheth...
CVE-2023-24422
CVE-2023-24422 affects Jenkins Script Security Plugin (versions up to 1228.vd93135a_2fb_25 and earlier). The vulnerability is a sandbox bypass in map constructors that lets attackers with permission to define and run sandboxed scripts (including Pipelines) execute arbitrary code in the Jenkins co...
CVE-2022-43403
CVE-2022-43403 is a sandbox bypass in Jenkins Script Security Plugin prior to 1183.v774b_0b_0a_a_451, where casting an array-like value to an array type enables sandboxed pipelines to execute arbitrary code in the Jenkins controller JVM. Affected component: Jenkins Script Security Plugin (version...
CVE-2022-43401
CVE-2022-43401 is a critical sandbox bypass in Jenkins Script Security Plugin (versions up to 1183.v774b_0b_0a_a_451 and earlier). The vulnerability stems from a sandbox bypass caused by various implicit casts performed by the Groovy language runtime, allowing attackers with permission to define ...
CVE-2022-30946
CVE-2022-30946 is a CSRF vulnerability in Jenkins Script Security Plugin (affecting versions up to 1158.v7c1b_73a_69a_08 and earlier). An authenticated attacker can induce Jenkins to send an HTTP request to a attacker‑specified webserver, enabling malicious activity such as cross‑site scripting a...
CVE-2020-2134
CVE-2020-2134 relates to the Jenkins Script Security Plugin (versions up to 1.70) where sandbox protections could be bypassed by crafted constructor calls and bodies, enabling arbitrary code execution in the Jenkins controller JVM. The issue is documented in public advisories (GHSA/GHSA-GJ3Q-P8CM...
CVE-2022-43404
CVE-2022-43404: A sandbox bypass in Jenkins Script Security Plugin (versions up to 1183.v774b_0b_0a_a_451 and earlier) allows authenticated/authorized users to bypass the sandbox and execute arbitrary code in the Jenkins controller JVM via crafted constructor bodies and calls to sandbox-generated...
CVE-2019-10394
CVE-2019-10394 affects Jenkins Script Security Plugin up to v1.62. The vulnerability stems from how property names are handled in left-hand-side property expressions, enabling arbitrary code execution in sandboxed scripts. Connected advisories (e.g., GHSA-HVMX-5HV4-F235 and Red Hat RHSA entries) ...
CVE-2019-16538
CVE-2019-16538 is a sandbox bypass in Jenkins Script Security Plugin (1.67 and earlier) that allowed arbitrary code execution in sandboxed scripts. The issue is cited in multiple advisories (GHSA-62PM-MGRH-7P69 and RHSA-2020:3616/2737) and Red Hat OpenShift updates list the vulnerability as a fix...
CVE-2020-2135
Sandbox protection bypass in Jenkins Script Security Plugin (versions up to 1.70) can allow arbitrary code execution in sandboxed scripts. The root cause involves crafted constructor calls and bodies (SECURITY-582) and crafted method calls on objects implementing GroovyInterceptable. Mitigation: ...
CVE-2020-2190
The CVE-2020-2190 issue affects Jenkins Script Security Plugin (1.72 and earlier): it stored XSS due to improper escaping of pending/approved classpath entries on the In-process Script Approval page. Impact is stored cross-site scripting on affected Jenkins pages. CVSS metrics indicate low (2.0) ...
CVE-2020-2110
CVE-2020-2110 concerns the Jenkins Script Security Plugin (1.69 and earlier) where sandbox protection could be bypassed during script compilation by using AST transforming annotations on imports or inside other annotations. This vulnerability enables arbitrary code execution within sandboxed scri...
CVE-2019-10399
The CVE-2019-10399 entry concerns Jenkins Script Security Plugin (versions 1.62 and earlier). The root cause is in the handling of property names within property expressions in increment/decrement expressions, enabling attackers to execute arbitrary code within sandboxed scripts. The available co...
CVE-2019-10393
The CVE-2019-10393 entry concerns a sandbox bypass in Jenkins Script Security Plugin (version 1.62 and earlier). The connected documents describe a flaw in how method names are handled in method call expressions, which could allow an attacker to bypass the sandbox and execute arbitrary code withi...
CVE-2019-10431
CVE-2019-10431 relates to a sandbox bypass in Jenkins Script Security Plugin (versions 1.64 and earlier) where improper handling of default parameter expressions in constructors could allow an attacker to run arbitrary code in sandboxed scripts. The issue is described in the GitHub advisory GHSA-...
CVE-2019-10400
The connected advisories identify a sandbox bypass in Jenkins Script Security Plugin affecting versions 1.62 and earlier, caused by improper handling of subexpressions in increment/decrement expressions not involving assignment. Impact: attackers could run arbitrary code within sandboxed Groovy s...
CVE-2019-1003005
CVE-2019-1003005 describes a sandbox bypass in Jenkins Script Security Plugin (versions 1.50 and earlier) where an attacker with Overall/Read permission can supply a Groovy script to an HTTP endpoint, potentially leading to arbitrary code execution on the Jenkins master JVM. Public references (in...
CVE-2019-1003040
The CVE-2019-1003040 entry covers a sandbox bypass in Jenkins Script Security Plugin (versions 1.55 and earlier). The underlying issue allows an attacker to invoke arbitrary constructors from sandboxed Groovy scripts, effectively bypassing sandbox protections. Documented as a security vulnerabili...
CVE-2017-1000505
In Jenkins Script Security Plugin versions 1.36 and earlier, users who can configure sandboxed Groovy scripts could abuse a Groovy type coercion to create new File objects from strings, enabling reading arbitrary files on the Jenkins master filesystem. The entry notes this type coercion is now tr...
CVE-2018-1000865
CVE-2018-1000865 describes a sandbox bypass in Jenkins: Script Security Plugin 1.47 and earlier, via groovy-sandbox/SandboxTransformer.java, allows attackers with Job/Configure permission to run arbitrary code on the Jenkins master JVM if Groovy sandboxed plugins are installed. Connected referenc...
CVE-2019-10355
CVE-2019-10355 is a sandbox bypass in the Jenkins Script Security Plugin (versions up to 1.61 and earlier) that lets attackers escape the sandbox by exploiting how type casts are handled, enabling arbitrary code execution in sandboxed Groovy scripts. The vulnerability affected the plugin used wit...
CVE-2019-10356
CVE-2019-10356 is a sandbox bypass in Jenkins Script Security Plugin 1.61 and earlier, related to handling of method pointer expressions that could allow an attacker to execute arbitrary code in sandboxed scripts. The vulnerability is referenced across multiple advisories (Red Hat RHSA for OpenSh...
CVE-2020-2279
CVE-2020-2279 describes a sandbox bypass in Jenkins Script Security Plugin (versions 1.74 and earlier). The vulnerability lets attackers with permission to define sandboxed scripts craft return values or script bindings that can lead to arbitrary code execution on the Jenkins controller JVM. The ...
CVE-2019-1003024
CVE-2019-1003024 affects Jenkins Script Security Plugin
CVE-2017-1000095
CVE-2017-1000095 concerns the Jenkins Script Security plugin where the default whitelist contains unsafe entries (DefaultGroovyMethods.putAt and DefaultGroovyMethods.getAt) that bypass sandbox restrictions (e.g., via currentBuild['rawBuild'] vs currentBuild.rawBuild) and allow accessing private d...
CVE-2017-1000107
CVE-2017-1000107 affects the Jenkins Script Security Plugin. The root cause is that sandboxing restrictions were not applied to constructor invocations via positional argument lists, super constructors, method references, or type coercion expressions, allowing potential bypass of sandbox protecti...
CVE-2026-42519
The provided documents describe CVE-2026-42519 as a vulnerability in the Jenkins Script Security Plugin (version 1399.ve6a_66547f6e1 and earlier). The root cause is a missing permission check that permits users with Overall/Read permission to enumerate pending and approved Script Security classpa...
CVE-2016-3102
The CVE-2016-3102 issue affects the Jenkins Script Security plugin prior to 1.18.1, where a plugin that performs direct field access or get/set array operations could bypass the Groovy sandbox protection. Affected product: Jenkins Script Security plugin (versions
CVE-2026-57280
The CVE-2026-57280 affects Jenkins Script Security Plugin (versions up to and including 1402.v94c9ce464861). The issue is that sandboxed Groovy scripts do not intercept implicit type casts in elements of typed for-each loops, which can allow a user-supplied script to invoke arbitrary constructors...