Lucene search
Veracode Vulnerability DatabaseVERACODE:20200HistoryMay 16, 2019 - 3:58 a.m.
Arbitrary Code Execution
2019-05-1603:58:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.009 Low
EPSS
Percentile
83.2%
Jenkins Script Security Plugin is vulnerable to arbitrary code execution attacks. This exists in the src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java and src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java which allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.
Related
osv
osv
CVE-2019-1003029
2019-03-08 21:29:00
Sandbox bypass in Script Security Plugin
2022-05-13 01:00:55
cvelist
cvelist
CVE-2019-1003029
2019-03-08 21:00:00
checkpoint_advisories
checkpoint_advisories
Jenkins Script Security Plugin Remote Code Execution (CVE-2019-1003029)
2022-05-15 00:00:00
github
github
Sandbox bypass in Script Security Plugin
2022-05-13 01:00:55
prion
prion
Security feature bypass
2019-03-08 21:29:00
redhatcve
redhatcve
CVE-2019-1003029
2019-03-18 11:19:55
cisa_kev
cisa_kev
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
2022-04-25 00:00:00
nvd
nvd
CVE-2019-1003029
2019-03-08 21:29:00
cve
cve
CVE-2019-1003029
2019-03-08 21:29:00
attackerkb
attackerkb
CVE-2019-1003029
2019-03-08 00:00:00
hackerone
hackerone
Django: Jenkins Unauthenticated RCE on https://djangoci.com/
2019-05-14 07:48:49
canvas
canvas
Immunity Canvas: JENKINS_CHECKSCRIPT_RCE
2019-03-08 21:29:00
thn
thn
nessus
nessus
redhat
redhat