Script Security Security Vulnerabilities and Issues — Script Security CVE List

Lucene search

JenkinsScript Security

5 matches found

CVE•added 2022/05/17 3:15 p.m.•118 views

CVE-2022-30946

A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.

4.3CVSS4.7AI score0.00044EPSS

CVE•added 2019/09/12 2:15 p.m.•109 views

CVE-2019-10394

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts.

4.9CVSS5AI score0.00221EPSS

CVE•added 2019/09/12 2:15 p.m.•108 views

CVE-2019-10399

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts.

4.9CVSS5.1AI score0.00221EPSS

CVE•added 2019/09/12 2:15 p.m.•101 views

CVE-2019-10393

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts.

4.9CVSS5.1AI score0.00221EPSS

CVE•added 2019/09/12 2:15 p.m.•99 views

CVE-2019-10400

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts.

4.9CVSS5.2AI score0.00221EPSS