Incorrect Type Conversion or Cast
CVE-2019-10355
Summary
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-704 - Incorrect Type Conversion or Cast
The software does not correctly convert an object, resource, or structure from one type to a different type.
References
Advisory Timeline
- Published