Description
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts.
Remediation
References
http://www.openwall.com/lists/oss-security/2019/07/31/1
https://access.redhat.com/errata/RHSA-2019:2594
https://access.redhat.com/errata/RHSA-2019:2651
https://access.redhat.com/errata/RHSA-2019:2662
https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29
Related Vulnerabilities
CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core
CVE-2020-28496 Vulnerability in maven package org.webjars.npm:three
CVE-2023-26136 Vulnerability in npm package tough-cookie
CVE-2020-11612 Vulnerability in maven package io.netty:netty-codec
CVE-2022-36896 Vulnerability in maven package com.compuware.jenkins:compuware-scm-downloader