Описание
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts.
Дополнительная информация
Статус:
Important
Дефект:
CWE-94
https://bugzilla.redhat.com/show_bug.cgi?id=1819697jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts
4.2 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.2
nvd
больше 6 лет назад
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts.
CVSS3: 4.2
github
больше 3 лет назад
Sandbox bypass vulnerability in Script Security Plugin
4.2 Medium
CVSS3