CVE-2019-1003005

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*

Information

Published : 2019-02-06 08:29

Updated : 2022-06-13 12:00


NVD link : CVE-2019-1003005

Mitre link : CVE-2019-1003005


JSON object : View

Advertisement

dedicated server usa

Products Affected

jenkins

  • script_security