Launch Week Day 1: Announcing Security Design Review
Start for Free
HIGH 8.8 Maven

Improper Input Validation in Jenkins Script Security Plugin

GHSA-qvmf-36h5-3f5v · CVE-2020-2110

Published · Modified

Description

Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes