Script Security

Security Warnings

• Groovy sandbox protection incomplete(last version affected: 1.18)
• Unsafe methods in the default list of approved signatures(last version affected: 1.29)
• Multiple sandbox bypasses(last version affected: 1.30)
• Arbitrary file read vulnerability(last version affected: 1.36)
• Script Security sandbox bypass(last version affected: 1.47)
• Script Security sandbox bypass(last version affected: 1.49)
• Script Security sandbox bypass(last version affected: 1.50)
• Script Security sandbox bypass(last version affected: 1.52)
• Script security sandbox bypass(last version affected: 1.53)
• Script Security sandbox bypass(last version affected: 1.55)
• Sandbox bypass through type casts(last version affected: 1.61)
• Sandbox bypass through method pointer expressions(last version affected: 1.61)
• Sandbox bypass vulnerability(last version affected: 1.62)
• Sandbox bypass vulnerability(last version affected: 1.64)
• Sandbox bypass vulnerability(last version affected: 1.67)
• Sandbox bypass vulnerability(last version affected: 1.69)
• Sandbox bypass vulnerability(last version affected: 1.70)
• Stored XSS vulnerability(last version affected: 1.72)
• Sandbox bypass vulnerability(last version affected: 1.74)
• CSRF vulnerability(last version affected: 1158.v7c1b_73a_69a_08)
• Sandbox bypass vulnerability(last version affected: 1183.v774b_0b_0a_a_451)
• Whole-script approval vulnerable to SHA-1 collisions(last version affected: 1189.vb_a_b_7c8fd5fde)
• Sandbox bypass vulnerability(last version affected: 1228.vd93135a_2fb_25)
• Multiple sandbox bypass vulnerabilities(last version affected: 1335.vf07d9ce377a_e)
• Missing permission check(last version affected: 1367.vdf2fc45f229c)
• Missing permission check allows enumerating pending and approved classpaths(last version affected: 1399.ve6a_66547f6e1)