CVE-2020-2279 is a vulnerability in Jenkins Script Security
Published on September 23, 2020
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.
Products Associated with CVE-2020-2279
Want to know whenever a new CVE is published for Jenkins Script Security? stack.watch will email you.
Affected Versions
Jenkins project Jenkins Script Security Plugin:- Version unspecified, <= 1.74 is affected.
- Version 1.66.5 is unaffected.
Exploit Probability
EPSS
0.29%
Percentile
51.60%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.