Description
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.
Remediation
References
http://www.openwall.com/lists/oss-security/2019/07/31/1
https://access.redhat.com/errata/RHSA-2019:2594
https://access.redhat.com/errata/RHSA-2019:2651
https://access.redhat.com/errata/RHSA-2019:2662
https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29
Related Vulnerabilities
CVE-2023-43495 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2023-47323 Vulnerability in maven package org.silverpeas.core:silverpeas-core-web
CVE-2023-35142 Vulnerability in maven package com.checkmarx.jenkins:checkmarx
CVE-2021-23900 Vulnerability in maven package com.mikesamuel:json-sanitizer
CVE-2020-19697 Vulnerability in maven package org.webjars.bowergithub.pandao:editor.md