CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-1003031

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.1020%
EPSS Percentile19.52th
Published2019年3月8日
Last Modified2024年11月21日

Vulnerability Description

A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.

Affected Platforms (CPE)

📦
Jenkins

Matrix Project

<= 1.13
📦
Redhat

Openshift Container Platform

= 3.11

References & Advisories

🔗 http://www.securityfocus.com/bid/107476
🔗 https://access.redhat.com/errata/RHSA-2019:0739
🔗 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339
🔗 http://www.securityfocus.com/bid/107476
🔗 https://access.redhat.com/errata/RHSA-2019:0739
🔗 https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339

関連する脆弱性情報

CVE-2020-22255.4

Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds wit...

CVE-2020-22245.4

Jenkins Matrix Project Plugin 1.16 and earlier does not escape the node names shown in tooltips on the overview page of builds wit...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...