CVE-2019-10356

CVSS v3.1 8.8 (High)

CVSS v2.0 6.5 (Medium)

EPSS 0.47 % (76^th)

Affected Products 2

Advisories 2

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Jenkins Project
Published Date: 2019-07-31 13:15:12
(5 years ago)
Updated Date: 2023-10-25 18:16:17
(10 months ago)

Affected Products

Jenkins

Script Security

Redhat

Openshift Container Platform

Configuration #1

		CPE23	From	Up To
	Jenkins Script Security for Jenkins 1.61 and prior versions	cpe:2.3:a:jenkins:script_security::::::jenkins		<= 1.61

Configuration #2

		CPE23	From	Up To
	Redhat Openshift Container Platform 3.11	cpe:2.3:a:redhat:openshift_container_platform:3.11
	Redhat Openshift Container Platform 4.1	cpe:2.3:a:redhat:openshift_container_platform:4.1