CVSS: 9.8EPSS: 1%CPEs: 41EXPL: 0CVE-2019-9636 – python: Information Disclosure due to urlsplit improper NFKC normalization
https://notcve.org/view.php?id=CVE-2019-9636
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.securityfocus.com/bid/107400 https://access. • CWE-172: Encoding Error •
CVSS: 9.9EPSS: 9%CPEs: 2EXPL: 1CVE-2019-1003030 – Jenkins Matrix Project Plugin Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-1003030
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en Jenkins Pipeline: Groovy Plugin, en versiones 2.63 y anteriores en pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java, permite a los atacantes capacitados para controlar los scripts de tuberías ejecutar código arbitrario en el maestro JVM de Jenkins. A flaw was found in the Jenkins Workflow CPS plugin. Parsing, compilation, and script instantiations provided by a crafted Groovy script could escape the sandbox allowing users to execute arbitrary code on the Jenkins master. The highest risk from this vulnerability is to data confidentiality and integrity as well as system availability. • https://www.exploit-db.com/exploits/48904 http://packetstormsecurity.com/files/159603/Jenkins-2.63-Sandbox-Bypass.html http://www.securityfocus.com/bid/107476 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%282%29 https://access.redhat.com/security/cve/CVE-2019-1003030 https://bugzilla.redhat.com/show_bug.cgi?id=1690665 • CWE-20: Improper Input Validation •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 1CVE-2019-1003029 – Jenkins Script Security Plugin Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1003029
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en Jenkins Script Security Plugin, en la versión 1.53 y anteriores en src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, que permite a los atacantes con permisos de "Overall/Read" ejecutar código arbitrario en el maestro JVM de Jenkins. A flaw was found in the Jenkins Script Security plugin version 1.53. An attacker with Overall/Read permissions is able to escape the sandbox and execute arbitrary code on the Jenkins master JVM. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/orangetw/awesome-jenkins-rce-2019 http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html http://www.securityfocus.com/bid/107476 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29 https://access.redhat.com/security/cve/CVE-2019-1003029 https://bugzilla.redhat.com/show_bug.cgi?id=1689873 https://jenkins.io/security/advisory/2019-01-08 https://blog.orange.tw/2019/01& • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1003031 – jenkins-matrix-project-plugin: sandbox bypass in matrix project plugin
https://notcve.org/view.php?id=CVE-2019-1003031
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en el plugin Jenkins Matrix Project, en versiones 1.13 y anteriores, en pom.xml, src/main/java/hudson/matrix/FilterScript.java, que permite a los atacantes con permisos de "Job/Configure" ejecutar código arbitrario en el maestro JVM de Jenkins. A flaw was found in the Jenkins Matrix Project plugin version 1.13. An attacker with Job/Configure permission can bypass the sandbox and can execute arbitrary code on the Jenkins master JVM. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.securityfocus.com/bid/107476 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339 https://access.redhat.com/security/cve/CVE-2019-1003031 https://bugzilla.redhat.com/show_bug.cgi?id=1689886 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1003034 – jenkins-job-dsl-plugin: Script security sandbox bypass in Job DSL Plugin (SECURITY-1342)
https://notcve.org/view.php?id=CVE-2019-1003034
A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and earlier in job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslWhitelist.groovy, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/SandboxDslScriptLoader.groovy that allows attackers with control over Job DSL definitions to execute arbitrary code on the Jenkins master JVM. Existe una vulnerabilidad de omisión de sandbox en el plugin Jenkins Job DSL, en versiones 1.71 y anteriores, en job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslWhitelist.groovy y job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/SandboxDslScriptLoader.groovy que permite a los atacantes con control sobre las definiciones DSL "Job" ejecutar código arbitrario en el maestro JVM de Jenkins. A flaw was found in the Jenkins Job DSL plugin. Parsing, compilation, and script instantiations provided by a crafted Groovy script could escape the sandbox allowing users to execute arbitrary code on the Jenkins master. The highest risk from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.securityfocus.com/bid/107476 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1342 https://access.redhat.com/security/cve/CVE-2019-1003034 https://bugzilla.redhat.com/show_bug.cgi?id=1690663 • CWE-20: Improper Input Validation •