A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
Advisories
Source ID Title
EUVD EUVD EUVD-2022-4680 A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
Github GHSA Github GHSA GHSA-p56j-x44h-g66j Incorrect Privilege Assignment in Jenkins Script Security Plugin
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: jenkins

Published:

Updated: 2024-08-04T22:17:20.427Z

Reserved: 2019-03-29T00:00:00

Link: CVE-2019-10355

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-31T13:15:12.433

Modified: 2024-11-21T04:18:57.483

Link: CVE-2019-10355

cve-icon Redhat

Severity : Important

Publid Date: 2019-08-01T00:00:00Z

Links: CVE-2019-10355 - Bugzilla

cve-icon OpenCVE Enrichment

No data.