Vulnerabilities
Vulnerable Software
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
CVSS Score
8.8
EPSS Score
0.0
Published
2023-01-26
Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-11-15


Contact Us

Shodan ® - All rights reserved