CVE-2019-10355
8.8HIGHA sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
Publicado: 7/31/2019Actualizado: 11/21/2024
Descripción
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
Análisis IAImpulsado por IA
Productos Afectados
jenkinsscript_security
redhatopenshift_container_platform
3.11
redhatopenshift_container_platform
4.1
Referencias
- http://www.openwall.com/lists/oss-security/2019/07/31/1Mailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2594Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2662Third Party Advisory
- https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29
- http://www.openwall.com/lists/oss-security/2019/07/31/1Mailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2594Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2662Third Party Advisory
- https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29