A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2019-09-12T13:55:15

Updated: 2024-08-04T22:24:17.837Z

Reserved: 2019-03-29T00:00:00

Link: CVE-2019-10400

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-09-12T14:15:11.960

Modified: 2024-11-21T04:19:03.257

Link: CVE-2019-10400

cve-icon Redhat

Severity : Important

Publid Date: 2019-09-12T00:00:00Z

Links: CVE-2019-10400 - Bugzilla