A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2020-09-23T13:10:17

Updated: 2024-08-04T07:01:41.169Z

Reserved: 2019-12-05T00:00:00

Link: CVE-2020-2279

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-09-23T14:15:13.007

Modified: 2024-11-21T05:25:11.073

Link: CVE-2020-2279

cve-icon Redhat

No data.