CVE-2017-1000107

Script Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection.
Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:script_security:1.30:*:*:*:*:jenkins:*:*

History

21 Nov 2024, 03:04

Type Values Removed Values Added
References () https://jenkins.io/security/advisory/2017-08-07/ - Vendor Advisory () https://jenkins.io/security/advisory/2017-08-07/ - Vendor Advisory

Information

Published : 2017-10-05 01:29

Updated : 2024-11-21 03:04


NVD link : CVE-2017-1000107

Mitre link : CVE-2017-1000107

CVE.ORG link : CVE-2017-1000107


JSON object : View

Products Affected

jenkins

  • script_security