CVE-2019-10355
8.8HIGHA sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
게시됨: 7/31/2019업데이트됨: 11/21/2024
설명
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
AI 분석AI 기반
영향받는 제품
jenkinsscript_security
redhatopenshift_container_platform
3.11
redhatopenshift_container_platform
4.1
참조
- http://www.openwall.com/lists/oss-security/2019/07/31/1Mailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2594Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2662Third Party Advisory
- https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29
- http://www.openwall.com/lists/oss-security/2019/07/31/1Mailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2594Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2662Third Party Advisory
- https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29