vulnerability

Red Hat OpenShift: CVE-2017-1000095: jenkins-plugin-script-security: Unsafe methods in the default whitelist (SECURITY-538)

Name: Red Hat OpenShift: CVE-2017-1000095: jenkins-plugin-script-security: Unsafe methods in the default whitelist (SECURITY-538)
Creator: Red Hat
Published: 2017-10-04T00:00:00.000Z
Keywords: CVE, CWE-732, Red Hat OpenShift, 2017, 1000095, jenkins, linuxrpm-upgrade-jenkins-plugin-script-security, Severity 4

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Oct 4, 2017

Added

May 7, 2019

Modified

Mar 30, 2026

Description

The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object).

Solution

linuxrpm-upgrade-jenkins-plugin-script-security

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report