CVE-2016-3102
The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.
| Software | From | Fixed in |
|---|---|---|
| jenkins / script_security | 1.1 | 1.1.x |
| jenkins / script_security | 1.6 | 1.6.x |
| jenkins / script_security | 1.11 | 1.11.x |
| jenkins / script_security | 1.2 | 1.2.x |
| jenkins / script_security | 1.8 | 1.8.x |
| jenkins / script_security | 1.9 | 1.9.x |
| jenkins / script_security | 1.18 | 1.18.x |
| jenkins / script_security | 1.4 | 1.4.x |
| jenkins / script_security | 1.10 | 1.10.x |
| jenkins / script_security | 1.15 | 1.15.x |
| jenkins / script_security | 1.16 | 1.16.x |
| jenkins / script_security | 1.14 | 1.14.x |
| jenkins / script_security | 1.13 | 1.13.x |
| jenkins / script_security | 1.7 | 1.7.x |
| jenkins / script_security | 1.5 | 1.5.x |
| jenkins / script_security | 1.17 | 1.17.x |
| jenkins / script_security | 1.12 | 1.12.x |
| jenkins / script_security | 1.3 | 1.3.x |
| jenkins / script_security | 1.0 | 1.0.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime