Sandbox Bypass Vulnerability in Jenkins Script Security Plugin by Jenkins
CVE-2019-1003040
9.8 CRITICAL
Key Information:
- Vendor: Jenkins
- CVE Published: 28 March 2019
What is CVE-2019-1003040?
A sandbox bypass vulnerability exists in the Jenkins Script Security Plugin, allowing unauthorized code execution. The vulnerability lets attackers invoke arbitrary constructors within sandboxed scripts, potentially leading to unauthorized access to and manipulation of the Jenkins environment. Users of versions 1.55 and earlier of the plugin are at risk and should apply the necessary updates to mitigate this issue. For more details on this vulnerability, refer to the advisories released by Jenkins and security experts.
Affected Version(s)
Jenkins Script Security Plugin 1.55 and earlier