cbcvebase.
CVE-2019-10431
published 2019-10-01

CVE-2019-10431: A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors…

critical9.9CVSS 3.1
AVNACLPRLUINSCCHIHAH
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts.

Affected

8 ranges
VendorProductVersion rangeFixed in
jenkinsdingtalk_plugin
jenkinshtml_publisher_plugin
jenkinsldap_email_plugin
jenkinssandbox_protection_in_script_security_plugin
jenkinsscript_security<= 1.64
jenkinsscript_security_plugin
jenkinssourcegear_vault_plugin
jenkins_projectjenkins_script_security_plugin