4.9
CVE-2019-10393
- EPSS 0.22%
- Veröffentlicht 12.09.2019 14:15:11
- Zuletzt bearbeitet 21.11.2024 04:19:02
- Quelle jenkinsci-cert@googlegroups.co
- CVE-Watchlists
- Unerledigt
LoginA sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jenkins ≫ Script Security SwPlatformjenkins Version <= 1.62
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.417 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.2 | 1.6 | 2.5 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
|
| nvd@nist.gov | 4.9 | 6.8 | 4.9 |
AV:N/AC:M/Au:S/C:P/I:P/A:N
|