CVE-2020-2110

Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations.
Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*

History

21 Nov 2024, 05:24

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2020/02/12/3 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2020/02/12/3 - Mailing List, Third Party Advisory
References () https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713 - Vendor Advisory () https://jenkins.io/security/advisory/2020-02-12/#SECURITY-1713 - Vendor Advisory

Information

Published : 2020-02-12 15:15

Updated : 2024-11-21 05:24


NVD link : CVE-2020-2110

Mitre link : CVE-2020-2110

CVE.ORG link : CVE-2020-2110


JSON object : View

Products Affected

jenkins

  • script_security
CWE
CWE-20

Improper Input Validation