Script Security
How to install
Documentation
Releases
Issues
Dependencies
Health Score
Documentation for this plugin is here:
https://github.com/jenkinsci/script-security-plugin
Version: 1367.vdf2fc45f229c
Released:
a week ago
Requires Jenkins 2.387.3
ID: script-security
Installed on 98.5% of controllers
View detailed version information
Links
GitHub
Open issues (Jira)
Report an issue (Jira)
Extension Points
Javadoc
Labels
Library plugins (for use by other plugins)
Security
Maintainers
Jesse Glick
Kohsuke Kawaguchi
Andrew Bayer
rsandell
Devin Nusbaum
Carroll Chiou
Liam Newman
Karl Shultz
Help us improve this page!
To propose a change submit a pull request to
the plugin page
on GitHub.
Previous Security Warnings
Groovy sandbox protection incomplete
Affects version 1.18 and earlier
Unsafe methods in the default list of approved signatures
Affects version 1.29 and earlier
Multiple sandbox bypasses
Affects version 1.30 and earlier
Arbitrary file read vulnerability
Affects version 1.36 and earlier
Script Security sandbox bypass
Affects version 1.47 and earlier
Script Security sandbox bypass
Affects version 1.49 and earlier
Script Security sandbox bypass
Affects version 1.50 and earlier
Script Security sandbox bypass
Affects version 1.52 and earlier
Script security sandbox bypass
Affects version 1.53 and earlier
Script Security sandbox bypass
Affects version 1.55 and earlier
Sandbox bypass through type casts
Affects version 1.61 and earlier
Sandbox bypass through method pointer expressions
Affects version 1.61 and earlier
Sandbox bypass vulnerability
Affects version 1.62 and earlier
Sandbox bypass vulnerability
Affects version 1.64 and earlier
Sandbox bypass vulnerability
Affects version 1.67 and earlier
Sandbox bypass vulnerability
Affects version 1.69 and earlier
Sandbox bypass vulnerability
Affects version 1.70 and earlier
Stored XSS vulnerability
Affects version 1.72 and earlier
Sandbox bypass vulnerability
Affects version 1.74 and earlier
CSRF vulnerability
Affects version 1158.v7c1b_73a_69a_08 and earlier
Sandbox bypass vulnerability
Affects version 1183.v774b_0b_0a_a_451 and earlier
Whole-script approval vulnerable to SHA-1 collisions
Affects version 1189.vb_a_b_7c8fd5fde and earlier
Sandbox bypass vulnerability
Affects version 1228.vd93135a_2fb_25 and earlier
Multiple sandbox bypass vulnerabilities
Affects version 1335.vf07d9ce377a_e and earlier