Описание
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts.
Дополнительная информация
Статус:
Important
Дефект:
CWE-94
https://bugzilla.redhat.com/show_bug.cgi?id=1819692jenkins-script-security-plugin: handling of property names in property expressions on the left-hand side of assignment expression leads to execute arbitrary code in sandboxed scripts
4.2 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.2
nvd
больше 6 лет назад
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts.
CVSS3: 4.2
github
больше 3 лет назад
Sandbox bypass vulnerability in Jenkins Script Security Plugin
4.2 Medium
CVSS3