All the vulnerabilites related to jenkins - script_security
cve-2019-10399
Vulnerability from cvelistv5
Published
2019-09-12 13:55
Modified
2024-08-04 22:24
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2019/09/12/2 | mailing-list, x_refsource_MLIST | |
| https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.62 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:24:16.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.62 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:48:52.350Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10399",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.62 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10399",
"datePublished": "2019-09-12T13:55:15",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:24:16.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-2134
Vulnerability from cvelistv5
Published
2020-03-09 15:00
Modified
2024-08-04 07:01
Severity ?
EPSS score ?
Summary
Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/03/09/1 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:01:40.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.70",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:05:34.273Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.70"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2020-2134",
"datePublished": "2020-03-09T15:00:56",
"dateReserved": "2019-12-05T00:00:00",
"dateUpdated": "2024-08-04T07:01:40.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1003005
Vulnerability from cvelistv5
Published
2019-02-06 16:00
Modified
2024-08-05 03:00
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2019:0739 | vendor-advisory, x_refsource_REDHAT | |
| http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.50 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:19.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292"
},
{
"name": "RHSA-2019:0739",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.50 and earlier"
}
]
}
],
"dateAssigned": "2019-02-06T00:00:00",
"datePublic": "2019-01-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:44:35.636Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292"
},
{
"name": "RHSA-2019:0739",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED": "2019-02-06T02:59:03.172123",
"ID": "CVE-2019-1003005",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.50 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292"
},
{
"name": "RHSA-2019:0739",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"name": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003005",
"datePublished": "2019-02-06T16:00:00",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-05T03:00:19.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-1000505
Vulnerability from cvelistv5
Published
2018-01-25 18:00
Modified
2024-09-16 17:08
Severity ?
EPSS score ?
Summary
In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new `File` objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type coercion is now subject to sandbox protection and considered to be a call to the `new File(String)` constructor for the purpose of in-process script approval.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2017-12-11/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2017-12-11/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new `File` objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type coercion is now subject to sandbox protection and considered to be a call to the `new File(String)` constructor for the purpose of in-process script approval."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-25T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2017-12-11/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-01-25",
"ID": "CVE-2017-1000505",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new `File` objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type coercion is now subject to sandbox protection and considered to be a call to the `new File(String)` constructor for the purpose of in-process script approval."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2017-12-11/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-12-11/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000505",
"datePublished": "2018-01-25T18:00:00Z",
"dateReserved": "2018-01-25T00:00:00Z",
"dateUpdated": "2024-09-16T17:08:44.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-2135
Vulnerability from cvelistv5
Published
2020-03-09 15:00
Modified
2024-08-04 07:01
Severity ?
EPSS score ?
Summary
Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/03/09/1 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:01:41.104Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.70",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:05:35.460Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.70"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2020-2135",
"datePublished": "2020-03-09T15:00:56",
"dateReserved": "2019-12-05T00:00:00",
"dateUpdated": "2024-08-04T07:01:41.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-2279
Vulnerability from cvelistv5
Published
2020-09-23 13:10
Modified
2024-08-04 07:01
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/09/23/1 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:01:41.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020"
},
{
"name": "[oss-security] 20200923 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/09/23/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.74",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.66.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:08:25.909Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020"
},
{
"name": "[oss-security] 20200923 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/09/23/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2279",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.74"
},
{
"version_affected": "!",
"version_value": "1.66.5"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020",
"refsource": "CONFIRM",
"url": "https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020"
},
{
"name": "[oss-security] 20200923 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/09/23/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2020-2279",
"datePublished": "2020-09-23T13:10:17",
"dateReserved": "2019-12-05T00:00:00",
"dateUpdated": "2024-08-04T07:01:41.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43404
Vulnerability from cvelistv5
Published
2022-10-19 00:00
Modified
2024-08-03 13:32
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:57.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "unaffected",
"version": "1175.1177.vda_175b_77d144"
},
{
"lessThanOrEqual": "1183.v774b_0b_0a_a_451",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T14:25:30.322Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2022-43404",
"datePublished": "2022-10-19T00:00:00",
"dateReserved": "2022-10-18T00:00:00",
"dateUpdated": "2024-08-03T13:32:57.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-45379
Vulnerability from cvelistv5
Published
2022-11-15 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:09:57.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
},
{
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1189.vb_a_b_7c8fd5fde",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1175.1179.vea_f7532629e1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T14:26:08.195Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
},
{
"name": "[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2022-45379",
"datePublished": "2022-11-15T00:00:00",
"dateReserved": "2022-11-14T00:00:00",
"dateUpdated": "2024-08-03T14:09:57.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1003000
Vulnerability from cvelistv5
Published
2019-01-22 14:00
Modified
2024-08-05 03:00
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/46453/ | exploit, x_refsource_EXPLOIT-DB | |
| https://access.redhat.com/errata/RHBA-2019:0326 | vendor-advisory, x_refsource_REDHAT | |
| http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html | x_refsource_MISC | |
| http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramming | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/46572/ | exploit, x_refsource_EXPLOIT-DB | |
| https://access.redhat.com/errata/RHBA-2019:0327 | vendor-advisory, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Script Security Plugin |
Version: 1.49 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:19.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266"
},
{
"name": "46453",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46453/"
},
{
"name": "RHBA-2019:0326",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramming"
},
{
"name": "46572",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46572/"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.49 and earlier"
}
]
}
],
"dateAssigned": "2019-01-21T00:00:00",
"datePublic": "2019-01-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:44:29.450Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266"
},
{
"name": "46453",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46453/"
},
{
"name": "RHBA-2019:0326",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramming"
},
{
"name": "46572",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46572/"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED": "2019-01-21T18:56:51.574311",
"ID": "CVE-2019-1003000",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.49 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266"
},
{
"name": "46453",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46453/"
},
{
"name": "RHBA-2019:0326",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"name": "http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html"
},
{
"name": "http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramming",
"refsource": "MISC",
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramming"
},
{
"name": "46572",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46572/"
},
{
"name": "RHBA-2019:0327",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003000",
"datePublished": "2019-01-22T14:00:00",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-05T03:00:19.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-30946
Vulnerability from cvelistv5
Published
2022-05-17 14:05
Modified
2024-08-03 07:03
Severity ?
EPSS score ?
Summary
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2022/05/17/8 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:39.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
},
{
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1158.v7c1b_73a_69a_08",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.78.1"
},
{
"status": "unaffected",
"version": "1145.1148.vf6d17a_a_a_eef6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T14:21:40.293Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
},
{
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2022-30946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1158.v7c1b_73a_69a_08"
},
{
"version_affected": "!",
"version_value": "1.78.1"
},
{
"version_affected": "!",
"version_value": "1145.1148.vf6d17a_a_a_eef6"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",
"refsource": "CONFIRM",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
},
{
"name": "[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2022-30946",
"datePublished": "2022-05-17T14:05:52",
"dateReserved": "2022-05-16T00:00:00",
"dateUpdated": "2024-08-03T07:03:39.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1003024
Vulnerability from cvelistv5
Published
2019-02-20 21:00
Modified
2024-08-05 03:00
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/107295 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2019:0739 | vendor-advisory, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.52 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:19.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320"
},
{
"name": "107295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107295"
},
{
"name": "RHSA-2019:0739",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.52 and earlier"
}
]
}
],
"dateAssigned": "2019-02-19T00:00:00",
"datePublic": "2019-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:44:58.030Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320"
},
{
"name": "107295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107295"
},
{
"name": "RHSA-2019:0739",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED": "2019-02-19T22:20:51.846360",
"ID": "CVE-2019-1003024",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.52 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320"
},
{
"name": "107295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107295"
},
{
"name": "RHSA-2019:0739",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003024",
"datePublished": "2019-02-20T21:00:00",
"dateReserved": "2019-02-20T00:00:00",
"dateUpdated": "2024-08-05T03:00:19.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10393
Vulnerability from cvelistv5
Published
2019-09-12 13:55
Modified
2024-08-04 22:17
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2019/09/12/2 | mailing-list, x_refsource_MLIST | |
| https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.62 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:20.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.62 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:48:45.290Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.62 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10393",
"datePublished": "2019-09-12T13:55:15",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:17:20.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10431
Vulnerability from cvelistv5
Published
2019-10-01 13:45
Modified
2024-08-04 22:24
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2019/10/01/2 | mailing-list, x_refsource_MLIST | |
| https://access.redhat.com/errata/RHSA-2019:4097 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:4055 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:4089 | vendor-advisory, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.64 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:24:18.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579"
},
{
"name": "[oss-security] 20191001 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/01/2"
},
{
"name": "RHSA-2019:4097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4097"
},
{
"name": "RHSA-2019:4055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4055"
},
{
"name": "RHSA-2019:4089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.64 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:49:30.101Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579"
},
{
"name": "[oss-security] 20191001 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/01/2"
},
{
"name": "RHSA-2019:4097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4097"
},
{
"name": "RHSA-2019:4055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4055"
},
{
"name": "RHSA-2019:4089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.64 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579"
},
{
"name": "[oss-security] 20191001 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/01/2"
},
{
"name": "RHSA-2019:4097",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4097"
},
{
"name": "RHSA-2019:4055",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4055"
},
{
"name": "RHSA-2019:4089",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10431",
"datePublished": "2019-10-01T13:45:19",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:24:18.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1003040
Vulnerability from cvelistv5
Published
2019-03-28 17:59
Modified
2024-08-05 03:07
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2019/03/28/2 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/107628 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2019:1423 | vendor-advisory, x_refsource_REDHAT | |
| https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.55 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:16.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"name": "RHSA-2019:1423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1423"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.55 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:45:17.278Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"name": "RHSA-2019:1423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1423"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-1003040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.55 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107628"
},
{
"name": "RHSA-2019:1423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1423"
},
{
"name": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003040",
"datePublished": "2019-03-28T17:59:29",
"dateReserved": "2019-03-28T00:00:00",
"dateUpdated": "2024-08-05T03:07:16.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3102
Vulnerability from cvelistv5
Published
2017-02-09 15:00
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:47:56.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-09T13:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3102",
"datePublished": "2017-02-09T15:00:00",
"dateReserved": "2016-03-10T00:00:00",
"dateUpdated": "2024-08-05T23:47:56.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-1000095
Vulnerability from cvelistv5
Published
2017-10-04 01:00
Modified
2024-08-05 21:53
Severity ?
EPSS score ?
Summary
The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object).
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2017-07-10/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:53:06.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-08-22T00:00:00",
"datePublic": "2017-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild[\u0027rawBuild\u0027] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-04T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.313879",
"ID": "CVE-2017-1000095",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild[\u0027rawBuild\u0027] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2017-07-10/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000095",
"datePublished": "2017-10-04T01:00:00",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-08-05T21:53:06.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10394
Vulnerability from cvelistv5
Published
2019-09-12 13:55
Modified
2024-08-04 22:17
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2019/09/12/2 | mailing-list, x_refsource_MLIST | |
| https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.62 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:20.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.62 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:48:46.458Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.62 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10394",
"datePublished": "2019-09-12T13:55:15",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:17:20.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43401
Vulnerability from cvelistv5
Published
2022-10-19 00:00
Modified
2024-08-03 13:32
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:57.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "unaffected",
"version": "1175.1177.vda_175b_77d144"
},
{
"lessThanOrEqual": "1183.v774b_0b_0a_a_451",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T14:25:26.784Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2022-43401",
"datePublished": "2022-10-19T00:00:00",
"dateReserved": "2022-10-18T00:00:00",
"dateUpdated": "2024-08-03T13:32:57.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43403
Vulnerability from cvelistv5
Published
2022-10-19 00:00
Modified
2024-08-03 13:32
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:57.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "unaffected",
"version": "1175.1177.vda_175b_77d144"
},
{
"lessThanOrEqual": "1183.v774b_0b_0a_a_451",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T14:25:29.099Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"url": "https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2022-43403",
"datePublished": "2022-10-19T00:00:00",
"dateReserved": "2022-10-18T00:00:00",
"dateUpdated": "2024-08-03T13:32:57.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-1000107
Vulnerability from cvelistv5
Published
2017-10-04 01:00
Modified
2024-09-16 23:50
Severity ?
EPSS score ?
Summary
Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2017-08-07/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:53:06.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2017-08-07/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-04T01:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2017-08-07/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.321581",
"ID": "CVE-2017-1000107",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2017-08-07/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-08-07/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000107",
"datePublished": "2017-10-04T01:00:00Z",
"dateReserved": "2017-10-03T00:00:00Z",
"dateUpdated": "2024-09-16T23:50:42.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-2190
Vulnerability from cvelistv5
Published
2020-06-03 12:40
Modified
2024-08-04 07:01
Severity ?
EPSS score ?
Summary
Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/06/03/3 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:01:41.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866"
},
{
"name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/03/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.72",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:06:40.466Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866"
},
{
"name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/03/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.72"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866"
},
{
"name": "[oss-security] 20200603 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/06/03/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2020-2190",
"datePublished": "2020-06-03T12:40:23",
"dateReserved": "2019-12-05T00:00:00",
"dateUpdated": "2024-08-04T07:01:41.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10400
Vulnerability from cvelistv5
Published
2019-09-12 13:55
Modified
2024-08-04 22:24
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2019/09/12/2 | mailing-list, x_refsource_MLIST | |
| https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.62 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:24:17.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.62 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:48:53.536Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.62 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10400",
"datePublished": "2019-09-12T13:55:15",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:24:17.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1000865
Vulnerability from cvelistv5
Published
2018-12-10 14:00
Modified
2024-08-05 12:47
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHBA-2019:0326 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHBA-2019:0327 | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186"
},
{
"name": "RHBA-2019:0326",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-12-09T00:00:00",
"datePublic": "2018-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-24T05:06:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186"
},
{
"name": "RHBA-2019:0326",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-12-09T22:41:05.610667",
"ID": "CVE-2018-1000865",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186"
},
{
"name": "RHBA-2019:0326",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"name": "RHBA-2019:0327",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1000865",
"datePublished": "2018-12-10T14:00:00",
"dateReserved": "2018-12-10T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10355
Vulnerability from cvelistv5
Published
2019-07-31 12:45
Modified
2024-08-04 22:17
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2019/07/31/1 | mailing-list, x_refsource_MLIST | |
| https://access.redhat.com/errata/RHSA-2019:2651 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2594 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2662 | vendor-advisory, x_refsource_REDHAT | |
| https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.61 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:20.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"name": "RHSA-2019:2651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"name": "RHSA-2019:2594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"name": "RHSA-2019:2662",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.61 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:48:00.639Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"name": "RHSA-2019:2651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"name": "RHSA-2019:2594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"name": "RHSA-2019:2662",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.61 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"name": "RHSA-2019:2651",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"name": "RHSA-2019:2594",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"name": "RHSA-2019:2662",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"name": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20(1)",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20(1)"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10355",
"datePublished": "2019-07-31T12:45:21",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:17:20.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-16538
Vulnerability from cvelistv5
Published
2019-11-21 14:11
Modified
2024-08-05 01:17
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2019/11/21/1 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.67 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:17:40.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658"
},
{
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.67 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:50:24.932Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658"
},
{
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-16538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.67 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658"
},
{
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-16538",
"datePublished": "2019-11-21T14:11:20",
"dateReserved": "2019-09-20T00:00:00",
"dateUpdated": "2024-08-05T01:17:40.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10356
Vulnerability from cvelistv5
Published
2019-07-31 12:45
Modified
2024-08-04 22:17
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2019/07/31/1 | mailing-list, x_refsource_MLIST | |
| https://access.redhat.com/errata/RHSA-2019:2651 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2594 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2662 | vendor-advisory, x_refsource_REDHAT | |
| https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.61 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:20.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"name": "RHSA-2019:2651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"name": "RHSA-2019:2594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"name": "RHSA-2019:2662",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.61 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:48:01.811Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"name": "RHSA-2019:2651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"name": "RHSA-2019:2594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"name": "RHSA-2019:2662",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10356",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.61 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"name": "RHSA-2019:2651",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"name": "RHSA-2019:2594",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"name": "RHSA-2019:2662",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"name": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20(2)",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20(2)"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10356",
"datePublished": "2019-07-31T12:45:21",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:17:20.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1003029
Vulnerability from cvelistv5
Published
2019-03-08 21:00
Modified
2024-08-05 03:00
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/107476 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2019:0739 | vendor-advisory, x_refsource_REDHAT | |
| http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: 1.53 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:19.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29"
},
{
"name": "107476",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107476"
},
{
"name": "RHSA-2019:0739",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.53 and earlier"
}
]
}
],
"dateAssigned": "2019-03-06T00:00:00",
"datePublic": "2019-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:45:04.091Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29"
},
{
"name": "107476",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107476"
},
{
"name": "RHSA-2019:0739",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED": "2019-03-06T22:44:37.383669",
"ID": "CVE-2019-1003029",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_value": "1.53 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20(1)",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20(1)"
},
{
"name": "107476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107476"
},
{
"name": "RHSA-2019:0739",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"name": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003029",
"datePublished": "2019-03-08T21:00:00",
"dateReserved": "2019-03-08T00:00:00",
"dateUpdated": "2024-08-05T03:00:19.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-2110
Vulnerability from cvelistv5
Published
2020-02-12 14:35
Modified
2024-08-04 07:01
Severity ?
EPSS score ?
Summary
Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/02/12/3 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:01:39.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713"
},
{
"name": "[oss-security] 20200212 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/12/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "1.69",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:05:06.077Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713"
},
{
"name": "[oss-security] 20200212 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/12/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Script Security Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.69"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-265"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713"
},
{
"name": "[oss-security] 20200212 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/12/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2020-2110",
"datePublished": "2020-02-12T14:35:40",
"dateReserved": "2019-12-05T00:00:00",
"dateUpdated": "2024-08-04T07:01:39.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-24422
Vulnerability from cvelistv5
Published
2023-01-24 00:00
Modified
2024-08-02 10:56
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Jenkins Project | Jenkins Script Security Plugin |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:03.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Script Security Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "1228.vd93135a_2fb_25",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1175.1180.v36a_3fb_2dec9c"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T12:48:10.460Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2023-24422",
"datePublished": "2023-01-24T00:00:00",
"dateReserved": "2023-01-23T00:00:00",
"dateUpdated": "2024-08-02T10:56:03.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-03-08 21:29
Modified
2024-11-21 04:17
Severity ?
Summary
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| jenkinsci-cert@googlegroups.com | http://www.securityfocus.com/bid/107476 | Broken Link, Third Party Advisory, VDB Entry | |
| jenkinsci-cert@googlegroups.com | https://access.redhat.com/errata/RHSA-2019:0739 | Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107476 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:0739 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * | |
| redhat | openshift_container_platform | 3.11 |
{
"cisaActionDue": "2022-05-16",
"cisaExploitAdd": "2022-04-25",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Jenkins Script Security Plugin Sandbox Bypass Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "B7D4D86E-A7CD-49D3-B63A-1063AD24DF1E",
"versionEndExcluding": "1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de omisi\u00f3n de sandbox en Jenkins Script Security Plugin, en la versi\u00f3n 1.53 y anteriores en src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, que permite a los atacantes con permisos de \"Overall/Read\" ejecutar c\u00f3digo arbitrario en el maestro JVM de Jenkins."
}
],
"id": "CVE-2019-1003029",
"lastModified": "2024-11-21T04:17:46.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-08T21:29:00.297",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107476"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20%281%29"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-28 18:29
Modified
2024-11-21 04:17
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2019/03/28/2 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | http://www.securityfocus.com/bid/107628 | Third Party Advisory, VDB Entry | |
| jenkinsci-cert@googlegroups.com | https://access.redhat.com/errata/RHSA-2019:1423 | Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/03/28/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107628 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1423 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * | |
| redhat | openshift_container_platform | 3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "34D0E88B-DEAA-4C74-8D3A-737927F0341D",
"versionEndIncluding": "1.55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de sandbox en Jenkins Script Security Plugin, en sus versiones 1.55 y anteriores, permite a los atacantes invocar constructores arbitrarios en los scripts en \"sandbox\"."
}
],
"id": "CVE-2019-1003040",
"lastModified": "2024-11-21T04:17:47.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T18:29:00.250",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1423"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-470"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-20 21:29
Modified
2024-11-21 04:17
Severity ?
Summary
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.securityfocus.com/bid/107295 | Third Party Advisory, VDB Entry | |
| jenkinsci-cert@googlegroups.com | https://access.redhat.com/errata/RHSA-2019:0739 | Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107295 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:0739 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * | |
| redhat | openshift_container_platform | 3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "76228D65-2AF3-47B4-8B8C-A69609C92E4E",
"versionEndIncluding": "1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de omisi\u00f3n de sandbox en Jenkins Script Security Plugin, en versiones 1.52 y anteriores, en RejectASTTransformsCustomizer.java, que permite que los atacantes con permisos Overall/Read proporcionen un script de Groovy a un endpoint HTTP que puede resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el JVM maestro de Jenkins."
}
],
"id": "CVE-2019-1003024",
"lastModified": "2024-11-21T04:17:45.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-20T21:29:00.270",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107295"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1320"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-15 20:15
Modified
2024-11-21 07:29
Severity ?
Summary
Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "D0C35A1D-A67D-4185-8A22-ABCC00B41BC0",
"versionEndExcluding": "1190.v65867a_a_47126",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks."
},
{
"lang": "es",
"value": "Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde y versiones anteriores almacena las aprobaciones de scripts completos como el hash SHA-1 del script, lo que lo hace vulnerable a ataques de colisi\u00f3n."
}
],
"id": "CVE-2022-45379",
"lastModified": "2024-11-21T07:29:08.990",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-15T20:15:11.390",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-12 14:15
Modified
2024-11-21 04:19
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4A3CDC6F-700C-4B8D-AFA8-380FAED9E080",
"versionEndIncluding": "1.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox en Jenkins Script Security Plugin versi\u00f3n 1.62 y anteriores, relacionada con el manejo de nombres de propiedad en expresiones de propiedad en expresiones de incremento y decremento, permiti\u00f3 a atacantes ejecutar c\u00f3digo arbitrario en scripts del sandbox."
}
],
"id": "CVE-2019-10399",
"lastModified": "2024-11-21T04:19:03.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-12T14:15:11.867",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-26 21:18
Modified
2024-11-21 07:47
Severity ?
Summary
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "A61DCA4B-075D-461A-8F15-619193EFB500",
"versionEndExcluding": "1229.v4880b_b_e905a_6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de la sandbox que involucra constructores de mapas en Jenkins Script Security Plugin 1228.vd93135a_2fb_25 y versiones anteriores permite a atacantes con permiso para definir y ejecutar scripts de sandbox, incluidos Pipelines, eludir la protecci\u00f3n de sandbox y ejecutar c\u00f3digo arbitrario en el contexto de la JVM del controlador Jenkins."
}
],
"id": "CVE-2023-24422",
"lastModified": "2024-11-21T07:47:50.210",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-26T21:18:16.633",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-25 18:29
Modified
2024-11-21 03:04
Severity ?
Summary
In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new `File` objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type coercion is now subject to sandbox protection and considered to be a call to the `new File(String)` constructor for the purpose of in-process script approval.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://jenkins.io/security/advisory/2017-12-11/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2017-12-11/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "3F534CF3-AC16-439F-80D8-EA76EC27F2E2",
"versionEndIncluding": "1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new `File` objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type coercion is now subject to sandbox protection and considered to be a call to the `new File(String)` constructor for the purpose of in-process script approval."
},
{
"lang": "es",
"value": "En las versiones 1.36 y anteriores del plugin Script Security de Jenkins, los usuarios que pueden configurar scripts Groovy en sandbox pueden utilizar una caracter\u00edstica de coerci\u00f3n de tipos en Groovy para crear nuevos objetos \"File\" a partir de las cadenas. Esto permit\u00eda leer archivos arbitrarios en el sistema de archivos maestro de Jenkins. Esta coerci\u00f3n de tipos esta sujeta ahora a medidas de protecci\u00f3n de sandboxes y se considera una llamada al constructor \"new File(String)\" para la aprobaci\u00f3n de scripts dentro del proceso."
}
],
"id": "CVE-2017-1000505",
"lastModified": "2024-11-21T03:04:53.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-25T18:29:00.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-12-11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-12-11/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-22 14:29
Modified
2024-11-21 04:17
Severity ?
Summary
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * | |
| redhat | openshift_container_platform | 3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "92354498-B477-4BD9-A0D1-8420AECAAD7C",
"versionEndIncluding": "1.49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de omisi\u00f3n de sandbox en Script Security Plugin versi\u00f3n 1.49 y anteriores, en src/main/java/org/jenkinsc/plugins/scriptsecurity/sandbox/ groovy/GroovySandbox.java que permite a los atacantes la capacidad de proporcionar scripts de tipo Sandbox para ejecutar c\u00f3digo arbitrario en el Jenkins master JVM."
}
],
"id": "CVE-2019-1003000",
"lastModified": "2024-11-21T04:17:42.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-22T14:29:00.267",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramming"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46453/"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46572/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramming"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46453/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46572/"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-10 14:29
Modified
2024-11-21 03:40
Severity ?
Summary
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:0326 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| cve@mitre.org | https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:0326 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * | |
| redhat | openshift_container_platform | 3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "DFD0DA33-6FC4-4099-B755-BFB311A9CCB2",
"versionEndIncluding": "1.47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de omisi\u00f3n de sandbox en Script Security Plugin 1.47 y anteriores en groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java que permite que los atacantes con permiso Job/Configure ejecuten c\u00f3digo arbitrario en el maestro JVM de Jenkins, si est\u00e1n instalados los plugins que emplean el sandbox de Groovy."
}
],
"id": "CVE-2018-1000865",
"lastModified": "2024-11-21T03:40:31.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-10T14:29:01.620",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-19 16:15
Modified
2024-11-21 07:26
Severity ?
Summary
A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "62EC83DC-AAE2-44E2-A364-6683544267D8",
"versionEndIncluding": "1183.v774b_0b_0a_a_451",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox que involucra la fundici\u00f3n de un valor de tipo array a un tipo de array en Jenkins Script Security Plugin versiones 1183.v774b_0b_0a_451 y anteriores, permite a atacantes con permiso para definir y ejecutar scripts en sandbox, incluyendo Pipelines, omitir la protecci\u00f3n del sandbox y ejecutar c\u00f3digo arbitrario en el contexto de la JVM del controlador de Jenkins"
}
],
"id": "CVE-2022-43403",
"lastModified": "2024-11-21T07:26:24.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-19T16:15:10.253",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now/"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-01 14:15
Modified
2024-11-21 04:19
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0519D75C-7469-4020-8F82-7DDA2AAF0DBB",
"versionEndIncluding": "1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox en Jenkins Script Security Plugin versi\u00f3n 1.64 y anteriores, relacionada con el manejo de expresiones de par\u00e1metros predeterminados en constructores permiti\u00f3 a los atacantes ejecutar c\u00f3digo arbitrario en scripts del sandbox."
}
],
"id": "CVE-2019-10431",
"lastModified": "2024-11-21T04:19:07.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-01T14:15:18.507",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/01/2"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://access.redhat.com/errata/RHSA-2019:4055"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://access.redhat.com/errata/RHSA-2019:4089"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://access.redhat.com/errata/RHSA-2019:4097"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/01/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:4055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:4089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:4097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-10-01/#SECURITY-1579"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-12 15:15
Modified
2024-11-21 05:24
Severity ?
Summary
Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2020/02/12/3 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/02/12/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "18466578-DC29-46E1-BA00-D1FC9B67A95B",
"versionEndIncluding": "1.69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations."
},
{
"lang": "es",
"value": "La protecci\u00f3n de Sandbox en Jenkins Script Security Plugin versiones 1.69 y anteriores, podr\u00eda omitirse durante la fase de compilaci\u00f3n del script mediante la aplicaci\u00f3n de anotaciones de transformaci\u00f3n AST para las importaciones o al usarlas dentro de otras anotaciones."
}
],
"id": "CVE-2020-2110",
"lastModified": "2024-11-21T05:24:40.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-12T15:15:12.507",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/12/3"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/12/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-05 01:29
Modified
2024-11-21 03:04
Severity ?
Summary
The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://jenkins.io/security/advisory/2017-07-10/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2017-07-10/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | 1.34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.34:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F330BD19-176E-4D33-8302-9904501F853F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild[\u0027rawBuild\u0027] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object)."
},
{
"lang": "es",
"value": "La lista blanca por defecto incluye las siguientes entradas no seguras: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). Esto permite omitir muchas de las restricciones de acceso implementadas en el sandbox del script utilizando, por ejemplo, currentBuild[\u0027rawBuild\u0027] en vez de currentBuild.rawBuild. Adem\u00e1s, las siguientes entradas permiten que se acceda a datos privados que no ser\u00edan accesibles de otra manera por mecanismos de seguridad de scripts: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object)."
}
],
"id": "CVE-2017-1000095",
"lastModified": "2024-11-21T03:04:08.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-05T01:29:03.883",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-09 16:15
Modified
2024-11-21 05:24
Severity ?
Summary
Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0C9D2B3A-06D9-4568-AA6F-B750B0208FF7",
"versionEndIncluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies."
},
{
"lang": "es",
"value": "La protecci\u00f3n de Sandbox en Jenkins Script Security Plugin versiones 1.70 y anteriores, podr\u00eda ser omitida mediante llamadas de constructor dise\u00f1adas y cuerpos de constructor dise\u00f1ados."
}
],
"id": "CVE-2020-2134",
"lastModified": "2024-11-21T05:24:45.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-09T16:15:12.623",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-23 14:15
Modified
2024-11-21 05:25
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "9C3BB1A1-A0F0-4010-98AF-8C12A93BE89B",
"versionEndIncluding": "1.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox en Jenkins Script Security Plugin versiones 1.74 y anteriores, permite a atacantes con permiso para definir scripts en sandbox proporcionar valores de retorno dise\u00f1ados o contenido de enlace de script que puede resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en la JVM del controlador de Jenkins"
}
],
"id": "CVE-2020-2279",
"lastModified": "2024-11-21T05:25:11.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-23T14:15:13.007",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/09/23/1"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/09/23/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2020-09-23/#SECURITY-2020"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-05 01:29
Modified
2024-11-21 03:04
Severity ?
Summary
Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://jenkins.io/security/advisory/2017-08-07/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2017-08-07/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | 1.30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.30:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "536E2E0A-8532-4DBB-842B-D0255142015B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection."
},
{
"lang": "es",
"value": "El plugin Script Security no aplica las restricciones de sandboxing para las invocaciones de constructores mediante listas de argumentos posicionales, invocaciones de superconstructores, referencias de m\u00e9todos y expresiones de coerci\u00f3n de tipos. Esta vulnerabilidad se podr\u00eda utilizar para invocar constructores y m\u00e9todos arbitrarios, omitiendo la protecci\u00f3n de sandboxing."
}
],
"id": "CVE-2017-1000107",
"lastModified": "2024-11-21T03:04:10.707",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-05T01:29:04.307",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-08-07/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-08-07/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-19 16:15
Modified
2024-11-21 07:26
Severity ?
Summary
A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2022/10/19/3 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/10/19/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "62EC83DC-AAE2-44E2-A364-6683544267D8",
"versionEndIncluding": "1183.v774b_0b_0a_a_451",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox que implica cuerpos de constructores dise\u00f1ados y llamadas a constructores sint\u00e9ticos generados por la sandbox en Jenkins Script Security Plugin versiones 1183.v774b_0b_0a_451 y anteriores, permite a atacantes con permiso para definir y ejecutar scripts con sandbox, incluyendo Pipelines, omitir la protecci\u00f3n del sandbox y ejecutar c\u00f3digo arbitrario en el contexto de la JVM del controlador de Jenkins"
}
],
"id": "CVE-2022-43404",
"lastModified": "2024-11-21T07:26:24.883",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-19T16:15:10.313",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-03 13:15
Modified
2024-11-21 05:24
Severity ?
Summary
Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2020/06/03/3 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/06/03/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "EFD0799F-0984-41B6-9D13-FC7443C56403",
"versionEndIncluding": "1.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability."
},
{
"lang": "es",
"value": "Jenkins Script Security Plugin versiones 1.72 y anteriores, no escapa correctamente de las entradas de classpath pendientes o aprobadas en la p\u00e1gina In-process Script Approval, resultando en una vulnerabilidad de tipo cross-site scripting almacenado."
}
],
"id": "CVE-2020-2190",
"lastModified": "2024-11-21T05:24:54.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-03T13:15:10.540",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/03/3"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/03/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1866"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-09 16:15
Modified
2024-11-21 05:24
Severity ?
Summary
Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0C9D2B3A-06D9-4568-AA6F-B750B0208FF7",
"versionEndIncluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable."
},
{
"lang": "es",
"value": "La protecci\u00f3n de Sandbox en Jenkins Script Security Plugin versiones 1.70 y anteriores, podr\u00eda ser omitida mediante llamadas de m\u00e9todo dise\u00f1adas sobre objetos que implementan GroovyInterceptable."
}
],
"id": "CVE-2020-2135",
"lastModified": "2024-11-21T05:24:45.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-09T16:15:12.703",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1754"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-09 15:59
Modified
2024-11-21 02:49
Severity ?
Summary
The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | 1.0 | |
| jenkins | script_security | 1.1 | |
| jenkins | script_security | 1.2 | |
| jenkins | script_security | 1.3 | |
| jenkins | script_security | 1.4 | |
| jenkins | script_security | 1.5 | |
| jenkins | script_security | 1.6 | |
| jenkins | script_security | 1.7 | |
| jenkins | script_security | 1.8 | |
| jenkins | script_security | 1.9 | |
| jenkins | script_security | 1.10 | |
| jenkins | script_security | 1.11 | |
| jenkins | script_security | 1.12 | |
| jenkins | script_security | 1.13 | |
| jenkins | script_security | 1.14 | |
| jenkins | script_security | 1.15 | |
| jenkins | script_security | 1.16 | |
| jenkins | script_security | 1.17 | |
| jenkins | script_security | 1.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0941B222-5731-4A1A-8B67-C33EE931FE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "71689F37-4025-41B7-A5E4-546B70EC799E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "BD094183-2145-47E7-93F9-077BB11F88DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "9A263A3A-EFA7-4EF1-B882-9A48E02F7992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "05397C2C-1768-44DE-9DF3-28CEC2E64A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.5:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F0B4DA55-99E8-4D12-8E76-57A7F0E68530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.6:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "5F322056-8B48-4039-B5E1-3F6B5BD51DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.7:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "B06D3B5D-3104-45F2-8D00-8A063F583193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.8:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "138A02CC-41B0-4383-9457-5A5D3F64D14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.9:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "45E3C087-7204-4344-A600-C39058109AAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.10:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "28FFDA44-7EB9-44D4-98B0-CF3EB916315E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.11:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "81B21C43-B7DB-4BCA-9335-727A9D3BA164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.12:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0AEDDF46-E6A1-4A61-96EC-4A796B3C1CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.13:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "EDDB123B-C69A-4C4B-A699-E27781407C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.14:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "6744EE4A-6476-47A5-A2C8-13DC0606A90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.15:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "5D575F1B-8B43-488A-B37B-AC895C03A57C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.16:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "5DE8CF02-A8D4-4E27-B799-2E1BFD511A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.17:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "A8B0A689-7F7B-4F93-A032-E693310CFDD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:script_security:1.18:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "452403BE-08F3-466C-82E1-DEE70668D2A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations."
},
{
"lang": "es",
"value": "El plugin Script Security en versiones anteriores a 1.18.1 en Jenkins podr\u00eda permitir a atacantes remotos eludir el mecanismo de protecci\u00f3n sandbox de Groovy a trav\u00e9s del plugin que realiza (1) acceso directo al campo o (2) operaciones de array get/set."
}
],
"id": "CVE-2016-3102",
"lastModified": "2024-11-21T02:49:23.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-09T15:59:01.003",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-31 13:15
Modified
2024-11-21 04:18
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * | |
| redhat | openshift_container_platform | 3.11 | |
| redhat | openshift_container_platform | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "9029F994-1402-4D2E-A541-330D0B3131F1",
"versionEndIncluding": "1.61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox en el Plugin Script Security de Jenkins versi\u00f3n 1.61 y anteriores, relacionada con el manejo de conversiones de tipos permiti\u00f3 a los atacantes ejecutar c\u00f3digo arbitrario en scripts del sandbox."
}
],
"id": "CVE-2019-10355",
"lastModified": "2024-11-21T04:18:57.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-31T13:15:12.433",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-12 14:15
Modified
2024-11-21 04:19
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4A3CDC6F-700C-4B8D-AFA8-380FAED9E080",
"versionEndIncluding": "1.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox en Jenkins Script Security Plugin versi\u00f3n 1.62 y anteriores, relacionada con el manejo de subexpresiones en expresiones de incremento y decremento que no implican asignaci\u00f3n actual, permiti\u00f3 a atacantes ejecutar c\u00f3digo arbitrario en scripts del sandbox."
}
],
"id": "CVE-2019-10400",
"lastModified": "2024-11-21T04:19:03.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-12T14:15:11.960",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-17 15:15
Modified
2024-11-21 07:03
Severity ?
Summary
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2022/05/17/8 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/05/17/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "D6F3125A-2CCA-43C2-B0FB-3C07906D88B7",
"versionEndExcluding": "1172.v35f6a_0b_8207e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site request forgery (CSRF) en el plugin de seguridad de scripts de Jenkins versiones 1158.v7c1b_73a_69a_08 y anteriores, permite a atacantes hacer que Jenkins env\u00ede una petici\u00f3n HTTP a un servidor web especificado por el atacante"
}
],
"id": "CVE-2022-30946",
"lastModified": "2024-11-21T07:03:36.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-17T15:15:08.737",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/05/17/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-31 13:15
Modified
2024-11-21 04:18
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * | |
| redhat | openshift_container_platform | 3.11 | |
| redhat | openshift_container_platform | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "9029F994-1402-4D2E-A541-330D0B3131F1",
"versionEndIncluding": "1.61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de sandbox en el Plugin Script Security de Jenkins versi\u00f3n 1.61 y anteriores, relacionada con el manejo de expresiones de puntero de m\u00e9todo permiti\u00f3 a los atacantes ejecutar c\u00f3digo arbitrario en scripts del sandbox."
}
],
"id": "CVE-2019-10356",
"lastModified": "2024-11-21T04:18:57.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-31T13:15:12.480",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 15:15
Modified
2024-11-21 04:30
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2019/11/21/1 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/11/21/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "77A04B6A-5945-40D8-BA38-534878A60CFD",
"versionEndIncluding": "1.67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67 and earlier related to the handling of default parameter expressions in closures allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de sandbox en Jenkins Script Security Plugin versi\u00f3n 1.67 y anteriores, relacionada con el manejo de expresiones de par\u00e1metro predeterminadas en los cierres permiti\u00f3 a atacantes ejecutar c\u00f3digo arbitrario en scripts manejados en el sandbox."
}
],
"id": "CVE-2019-16538",
"lastModified": "2024-11-21T04:30:47.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T15:15:13.947",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-06 16:29
Modified
2024-11-21 04:17
Severity ?
Summary
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| jenkinsci-cert@googlegroups.com | https://access.redhat.com/errata/RHSA-2019:0739 | Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:0739 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "2CBE89DE-6522-48C5-96C2-2AD74DAFB368",
"versionEndIncluding": "1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de omisi\u00f3n de sandbox en Jenkins Script Security Plugin, en versiones 1.50 y anteriores, en src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java, que permite que los atacantes con permisos Overall/Read proporcionen un script de Groovy a un endpoint HTTP que puede resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el JVM maestro de Jenkins."
}
],
"id": "CVE-2019-1003005",
"lastModified": "2024-11-21T04:17:43.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-06T16:29:00.250",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1292"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-12 14:15
Modified
2024-11-21 04:19
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4A3CDC6F-700C-4B8D-AFA8-380FAED9E080",
"versionEndIncluding": "1.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox en Jenkins Script Security Plugin versi\u00f3n 1.62 y anteriores, relacionada con el manejo de nombres de m\u00e9todos en expresiones de llamada a m\u00e9todo permiti\u00f3 a atacantes ejecutar c\u00f3digo arbitrario en scripts del sandbox."
}
],
"id": "CVE-2019-10393",
"lastModified": "2024-11-21T04:19:02.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-12T14:15:11.333",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-12 14:15
Modified
2024-11-21 04:19
Severity ?
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/09/12/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4A3CDC6F-700C-4B8D-AFA8-380FAED9E080",
"versionEndIncluding": "1.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox en Jenkins Script Security Plugin versi\u00f3n 1.62 y anteriores, relacionada con el manejo de nombres de propiedad en expresiones de propiedad en el lado izquierdo de las expresiones de asignaci\u00f3n permiti\u00f3 a atacantes ejecutar c\u00f3digo arbitrario en scripts de sandbox."
}
],
"id": "CVE-2019-10394",
"lastModified": "2024-11-21T04:19:02.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-12T14:15:11.397",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-19 16:15
Modified
2024-11-21 07:26
Severity ?
Summary
A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2022/10/19/3 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/10/19/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | script_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "62EC83DC-AAE2-44E2-A364-6683544267D8",
"versionEndIncluding": "1183.v774b_0b_0a_a_451",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n del sandbox que involucra varios moldes llevados a cabo impl\u00edcitamente por el tiempo de ejecuci\u00f3n del lenguaje Groovy en Jenkins Script Security Plugin versiones 1183.v774b_0b_0a_a_451 y anteriores, permite a atacantes con permiso para definir y ejecutar scripts en sandbox, incluyendo Pipelines, omitir la protecci\u00f3n del sandbox y ejecutar c\u00f3digo arbitrario en el contexto de la JVM del controlador de Jenkins"
}
],
"id": "CVE-2022-43401",
"lastModified": "2024-11-21T07:26:24.483",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-19T16:15:10.127",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}