8.8
CVE-2017-1000107
- EPSS 0.27%
- Veröffentlicht 05.10.2017 01:29:04
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginScript Security Plugin did not apply sandboxing restrictions to constructor invocations via positional arguments list, super constructor invocations, method references, and type coercion expressions. This could be used to invoke arbitrary constructors and methods, bypassing sandbox protection.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jenkins ≫ Script Security Version1.30 SwPlatformjenkins
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.505 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|