Jenkins Script Security and Pipeline Groovy Plugins Sandbox Bypass

GHSA-gqhm-4h93-rrhg · CVE-2018-1000866

Published May 13, 2022 · Modified Feb 16, 2024

Description

A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-1000866
WEB https://github.com/jenkinsci/script-security-plugin/commit/16c862ae9d4038a3edbd8bdfb0fd1401a509d56b
WEB https://github.com/jenkinsci/workflow-cps-plugin/commit/0eb89aaf24065dbbdf6db84516ac1a52cd435e6d
WEB https://github.com/jenkinsci/workflow-cps-plugin/commit/e1c56eb6d85d513cb24dfe188e6f592d0ff84b38
WEB https://access.redhat.com/errata/RHBA-2019:0326
WEB https://access.redhat.com/errata/RHBA-2019:0327
WEB https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes