CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1000865
https://notcve.org/view.php?id=CVE-2018-1000865
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed. • https://access.redhat.com/errata/RHBA-2019:0326 https://access.redhat.com/errata/RHBA-2019:0327 https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1000866
https://notcve.org/view.php?id=CVE-2018-1000866
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM Existe una vulnerabilidad de omisión del sandbox en Pipeline: Groovy Plugin 2.59 y anteriores en groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java y groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java que permite que los atacantes con el permiso Job/Configure, o atacantes no autorizados con privilegios del commit SCM y las pipelines basadas en Jenkinsfiles establecidas en Jenkins, ejecuten código arbitrario en el maestro JVM de Jenkins. • https://access.redhat.com/errata/RHBA-2019:0326 https://access.redhat.com/errata/RHBA-2019:0327 https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18748
https://notcve.org/view.php?id=CVE-2018-18748
Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershell"), within a .py file. • https://github.com/sandboxescape/Sandboxie-5.26-Sandbox-Escape-Exploit https://github.com/sandboxescape/Sandboxie-5.26-Sandbox-Escape-Exploit/blob/2632a5f7409e52b2e020f5d4467fa019f9095e73/README.doc •
CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0CVE-2018-17462 – chromium-browser: Sandbox escape in AppCache
https://notcve.org/view.php?id=CVE-2018-17462
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page. • http://www.securityfocus.com/bid/105666 https://access.redhat.com/errata/RHSA-2018:3004 https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html https://crbug.com/888926 https://security.gentoo.org/glsa/201811-10 https://www.debian.org/security/2018/dsa-4330 https://access.redhat.com/security/cve/CVE-2018-17462 https://bugzilla.redhat.com/show_bug.cgi?id=1640098 • CWE-416: Use After Free •
CVSS: 7.4EPSS: 2%CPEs: 5EXPL: 0CVE-2018-17470 – chromium-browser: Memory corruption in GPU Internals
https://notcve.org/view.php?id=CVE-2018-17470
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • http://www.securityfocus.com/bid/105666 https://access.redhat.com/errata/RHSA-2018:3004 https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html https://crbug.com/877874 https://security.gentoo.org/glsa/201811-10 https://www.debian.org/security/2018/dsa-4330 https://access.redhat.com/security/cve/CVE-2018-17470 https://bugzilla.redhat.com/show_bug.cgi?id=1640106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •