Jenkins多个插件沙箱绕过及信息泄露漏洞(CVE-2019-1003029至1003035)

Jenkins Security Advisory 2019-03-06 Key Vulnerabilities Sandbox Bypass in Script Security Plugin CVE: CVE-2019-1003029 Severity: High Affected Plugins: script-security Sandbox Bypass in Pipeline: Groovy Plugin CVE: CVE-2019-1003030 Severity: High Affected Plugins: workflow-cps Script Security Sandbox Bypass in Matrix Project Plugin CVE: CVE-2019-1003031 Severity: High Affected Plugins: matrix-project Script Security Sandbox Bypass in Email Extension Plugin CVE: CVE-2019-1003032 Severity: High Affected Plugins: email-ext Script Security Sandbox Bypass in Groovy Plugin CVE: CVE-2019-1003033 Severity: High Affected Plugins: groovy Script Security Sandbox Bypass in Job DSL Plugin CVE: CVE-2019-1003034 Severity: High Affected Plugins: job-dsl Information Disclosure in Azure VM Agents Plugin CVE: CVE-2019-1003035 Severity: Medium Affected Plugins: azure-vm-agents Affected Versions AppDynamics Dashboard Plugin: up to and including 1.0.14 Azure VM Agents Plugin: up to and including 0.8.0 Bitbar Run-in-Cloud Plugin: up to and including 2.69.1 Fix AppDynamics Dashboard Plugin: Update to version 1.0.15 Azure VM Agents Plugin: Update to version 0.8.1 Bitbar Run-in-Cloud Plugin: Update to version 2.70.0

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Jenkins多个插件沙箱绕过及信息泄露漏洞(CVE-2019-1003029至1003035)

目标达成感谢每一位支持者 — 我们达成了 100% 目标！