Lucene search
PRIOn knowledge basePRION:CVE-2023-24422HistoryJan 26, 2023 - 9:18 p.m.
Security feature bypass
2023-01-2621:18:00
PRIOn knowledge base
www.prio-n.com
10
security feature bypass
map constructors
jenkins script security plugin
permission
sandboxed scripts
pipelines
bypass vulnerability
arbitrary code
jenkins controller jvm
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
| CPE | Name | Operator | Version |
|---|---|---|---|
| script_security | eq | < 1229.v4880bbe905a6 |
Related
cvelist
cvelist
CVE-2023-24422
2023-01-24 00:00:00
github
github
Sandbox bypass in Jenkins Script Security Plugin
2023-01-26 21:30:19
osv
osv
CVE-2023-24422
2023-01-26 21:18:16
Sandbox bypass in Jenkins Script Security Plugin
2023-01-26 21:30:19
nvd
nvd
CVE-2023-24422
2023-01-26 21:18:16
alpinelinux
alpinelinux
CVE-2023-24422
2023-01-26 21:18:16
cve
cve
CVE-2023-24422
2023-01-26 21:18:16
redhatcve
redhatcve
CVE-2023-24422
2023-01-25 04:05:54
nessus
nessus
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3195)
2024-04-28 00:00:00
RHEL 8 : Red Hat Product OCP Tools 4.13 OpenShift Jenkins (RHSA-2023:6179)
2024-04-28 00:00:00
RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2023:7288)
2024-04-23 00:00:00
redhat
redhat
