CVE-2019-10355
8.8HIGHA sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
Publicado: 7/31/2019Atualizado: 11/21/2024
Descrição
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
Análise IADesenvolvido por IA
Produtos Afetados
jenkinsscript_security
redhatopenshift_container_platform
3.11
redhatopenshift_container_platform
4.1
Referências
- http://www.openwall.com/lists/oss-security/2019/07/31/1Mailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2594Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2662Third Party Advisory
- https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29
- http://www.openwall.com/lists/oss-security/2019/07/31/1Mailing ListThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2594Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2662Third Party Advisory
- https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29