https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2019-1003000_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E%2Fzh-hant
CVE-2019-1003000 遠程代碼執行漏洞/zh-hant - Revision history
2026-04-13T21:01:40Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=CVE-2019-1003000_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E/zh-hant&diff=3574&oldid=prev
Pwnwiki: Created page with "Pipeline: Groovy 插件 <= 2.61。"
2021-05-26T13:54:21Z
<p>Created page with "Pipeline: Groovy 插件 <= 2.61。"</p>
<p><b>New page</b></p><div><languages /><br />
實際影響版本及編號:CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)<br />
<br />
擁有Overall/Read 權限的用戶可以繞過沙盒保護,在jenkins可以執行任意代碼。此漏洞需要一個賬號密碼和一個存在的job。<br />
<br />
受影響插件版本:<br />
<br />
Pipeline: Declarative 插件 <= 1.3.4。 <br />
<br />
Pipeline: Groovy 插件 <= 2.61。 <br />
<br />
Script Security 插件 <= 1.49。<br />
<br />
下載環境和利用代碼:<br />
https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc.git</div>
Pwnwiki