CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 1CVE-2019-1003029 – Jenkins Script Security Plugin Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1003029
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM. • https://github.com/orangetw/awesome-jenkins-rce-2019 http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html http://www.securityfocus.com/bid/107476 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29 https://access.redhat.com/security/cve/CVE-2019-1003029 https://bugzilla.redhat.com/show_bug.cgi?id=1689873 https://jenkins.io/security/advisory/2019-01-08 https://blog.orange.tw/2019/01& • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1003031 – jenkins-matrix-project-plugin: sandbox bypass in matrix project plugin
https://notcve.org/view.php?id=CVE-2019-1003031
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM. • http://www.securityfocus.com/bid/107476 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339 https://access.redhat.com/security/cve/CVE-2019-1003031 https://bugzilla.redhat.com/show_bug.cgi?id=1689886 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1003034 – jenkins-job-dsl-plugin: Script security sandbox bypass in Job DSL Plugin (SECURITY-1342)
https://notcve.org/view.php?id=CVE-2019-1003034
A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and earlier in job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/JobDslWhitelist.groovy, job-dsl-plugin/src/main/groovy/javaposse/jobdsl/plugin/SandboxDslScriptLoader.groovy that allows attackers with control over Job DSL definitions to execute arbitrary code on the Jenkins master JVM. • http://www.securityfocus.com/bid/107476 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1342 https://access.redhat.com/security/cve/CVE-2019-1003034 https://bugzilla.redhat.com/show_bug.cgi?id=1690663 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1003024 – jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin (SECURITY-1320)
https://notcve.org/view.php?id=CVE-2019-1003024
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. • http://www.securityfocus.com/bid/107295 https://access.redhat.com/errata/RHSA-2019:0739 https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320 https://access.redhat.com/security/cve/CVE-2019-1003024 https://bugzilla.redhat.com/show_bug.cgi?id=1684556 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 8.2EPSS: 0%CPEs: 11EXPL: 0CVE-2019-8308 – flatpak: potential /proc based sandbox escape
https://notcve.org/view.php?id=CVE-2019-8308
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file. Flatpak, en versiones anteriores a la 1.0.7 y en versiones 1.1.x y 1.2.x anteriores a la 1.2.3, expone /proc en el sandbox de script apply_extra, lo que permite que los atacantes modifiquen un archivo ejecutable del lado del host. A flaw was found in flatpak. In certain special cases, installing flatpak applications and runtimes system-wide may allow an attacker to escape the flatpak sandbox. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00088.html https://access.redhat.com/errata/RHSA-2019:0375 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922059 https://github.com/flatpak/flatpak/releases/tag/1.0.7 https://github.com/flatpak/flatpak/releases/tag/1.2.3 https://access.redhat.com/security/cve/CVE-2019-8308 https://bugzilla.redhat.com/show_bug.cgi?id=1675070 • CWE-668: Exposure of Resource to Wrong Sphere CWE-672: Operation on a Resource after Expiration or Release •