← Back

CVE-2019-10356

nvd nist
Published: Jul 31, 2019Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.

Affected (3)

Jenkins
1 product
Script Security
Redhat
1 product
Openshift Container Platform
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Script Security
Up to 1.61
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Openshift Container Platform
Version 3.11
Openshift Container Platform
Version 4.1

References (10)

Source: jenkinsci-cert@googlegroups.com
Mailing ListThird Party Advisory
Source: jenkinsci-cert@googlegroups.com
Third Party Advisory
Source: jenkinsci-cert@googlegroups.com
Third Party Advisory
Source: jenkinsci-cert@googlegroups.com
Third Party Advisory
Source: jenkinsci-cert@googlegroups.com
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.