Lucene search
Veracode Vulnerability DatabaseVERACODE:20198HistoryMay 16, 2019 - 3:58 a.m.
Sandbox Protection Bypass
2019-05-1603:58:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
EPSS
0.004
Percentile
75.0%
Jenkins Script Security Plugin is vulnerable to sandbox protection bypass vulnerability. This exists in the src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java which allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that could result in arbitrary code execution on the Jenkins master JVM.
Related
github
github
Sandbox Bypass in Script Security Plugin
2022-05-13 01:00:55
osv
osv
CVE-2019-1003005
2019-02-06 16:29:00
Sandbox Bypass in Script Security Plugin
2022-05-13 01:00:55
cve
cve
CVE-2019-1003005
2019-02-06 16:29:00
cvelist
cvelist
CVE-2019-1003005
2019-02-06 16:00:00
prion
prion
Security feature bypass
2019-02-06 16:29:00
nvd
nvd
CVE-2019-1003005
2019-02-06 16:29:00
redhatcve
redhatcve
CVE-2019-1003005
2020-04-09 10:33:39
canvas
canvas
Immunity Canvas: JENKINS_CHECKSCRIPT_RCE
2019-03-08 21:29:00
hackerone
hackerone
Django: Jenkins Unauthenticated RCE on https://djangoci.com/
2019-05-14 07:48:49
nessus
nessus
redhat
redhat
metasploit
metasploit
Jenkins ACL Bypass and Metaprogramming RCE
2019-03-16 05:32:36