CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10356 – jenkins-plugin-script-security: Sandbox bypass through method pointer expressions in Script Security Plugin
https://notcve.org/view.php?id=CVE-2019-10356
31 Jul 2019 — A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts. Una vulnerabilidad de omisión de sandbox en el Plugin Script Security de Jenkins versión 1.61 y anteriores, relacionada con el manejo de expresiones de puntero de método permitió a los atacantes ejecutar código arbitrario en scripts del sandbox. A flaw was found in the Jenkins Script Security plugin. Sandbox ... • http://www.openwall.com/lists/oss-security/2019/07/31/1 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2019-1003040 – jenkins-plugin-script-security: Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin (SECURITY-1353)
https://notcve.org/view.php?id=CVE-2019-1003040
28 Mar 2019 — A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts. Una vulnerabilidad de omisión de sandbox en Jenkins Script Security Plugin, en sus versiones 1.55 y anteriores, permite a los atacantes invocar constructores arbitrarios en los scripts en "sandbox". A flaw was found in the Jenkins Script Security plugin. Groovy Plugins could be circumvented through methods supporting type casts and type coercion allowing a... • http://www.openwall.com/lists/oss-security/2019/03/28/2 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.9EPSS: 93%CPEs: 2EXPL: 1CVE-2019-1003029 – Jenkins Script Security Plugin Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1003029
08 Mar 2019 — A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en Jenkins Script Security Plugin, en la versión 1.53 y anteriores en src/main/java/org/jenk... • https://packetstorm.news/files/id/166778 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1003024 – jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin (SECURITY-1320)
https://notcve.org/view.php?id=CVE-2019-1003024
20 Feb 2019 — A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en Jenkins Script Security Plugin, en versiones 1.52 y anteriores, en RejectASTTransformsCustomizer.java, que permite que los atacantes con permisos Overall/Read propor... • http://www.securityfocus.com/bid/107295 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 8.8EPSS: 76%CPEs: 1EXPL: 1CVE-2019-1003005 – jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin (SECURITY-1292)
https://notcve.org/view.php?id=CVE-2019-1003005
06 Feb 2019 — A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en Jenkins Script Security Plugin, en versiones 1.50 y anteriores, en src/main/java/org/jenkinsci/plugins/scripts... • https://packetstorm.news/files/id/166778 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 8.8EPSS: 94%CPEs: 2EXPL: 11CVE-2019-1003000 – Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-1003000
22 Jan 2019 — A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en Script Security Plugin versión 1.49 y anteriores, en src/main/java/org/jenkinsc/plugins/scriptsecurity/sandbox/ groovy/GroovySandbox.java que permite a los atacantes la ca... • https://packetstorm.news/files/id/152132 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1000865
https://notcve.org/view.php?id=CVE-2018-1000865
10 Dec 2018 — A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed. Existe una vulnerabilidad de omisión de sandbox en Script Security Plugin 1.47 y anteriores en groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java que permite que l... • https://access.redhat.com/errata/RHBA-2019:0326 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000505
https://notcve.org/view.php?id=CVE-2017-1000505
25 Jan 2018 — In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new `File` objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type coercion is now subject to sandbox protection and considered to be a call to the `new File(String)` constructor for the purpose of in-process script approval. En las versiones 1.36 y anteriores del plugin Script Se... • https://jenkins.io/security/advisory/2017-12-11 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000095
https://notcve.org/view.php?id=CVE-2017-1000095
04 Oct 2017 — The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonO... • https://jenkins.io/security/advisory/2017-07-10 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000107
https://notcve.org/view.php?id=CVE-2017-1000107
04 Oct 2017 — Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection. El plugin Script Security no aplica las restricciones de sandboxing para las invocaciones de constructores mediante listas de argumentos posicionales, invocaciones de superconstructores, referencias de métodos y expre... • https://jenkins.io/security/advisory/2017-08-07 •