Allele Security Alert
ASA-2019-00088, SECURITY-129, CVE-2019-1003005
Sandbox bypass in Script Security Plugin
Script Security Plugin up to and including 1.50
Script Security Plugin version 1.51
Proof of concept
Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as `@Grab` to source code elements.
This affected an HTTP endpoint used to validate a user-submitted Groovy script that was not covered in the 2019-01-08 fix for SECURITY-1266 and allowed users with Overall/Read permission to bypass the sandbox protection and execute arbitrary code on the Jenkins master.
Jenkins Security Advisory 2019-01-28
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: June 20, 2019