Jenkins Script Security vulnerabilities

CVE-2019-10356 [HIGH] CVE-2019-10356: A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the han A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.

CVE-2019-10355 [HIGH] CWE-704 CVE-2019-10355: A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the han A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.

CVE-2019-1003040 [CRITICAL] CWE-470 CVE-2019-1003040: A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers t A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.

CVE-2019-1003029 [CRITICAL] CVE-2019-1003029: A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the J

CVE-2019-1003024 [HIGH] CVE-2019-1003024: A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectAS A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

CVE-2019-1003005 [HIGH] CVE-2019-1003005: A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

CVE-2019-1003000 [HIGH] CVE-2019-1003000: A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/or A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.

CVE-2018-1000865 [HIGH] CWE-269 CVE-2018-1000865: A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/s A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.

CVE-2017-1000505 [MEDIUM] CWE-200 CVE-2017-1000505: In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sand In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new `File` objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type coercion is now subject to sandbox protection and

CVE-2017-1000107 [HIGH] CVE-2017-1000107: Script Security Plugin did not apply sandboxing restrictions to constructor invocations via position Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection.

CVE-2017-1000095 [MEDIUM] CWE-732 CVE-2017-1000095: The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, Stri The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the foll

CVE-2016-3102 [HIGH] CWE-254 CVE-2016-3102: The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.