CVE-2019-1003031

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-1003031

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1003031.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-1003031

Aliases

GHSA-qxf8-8837-hq7w

Downstream

RHSA-2019:0739

Published

2019-03-08T21:29:00.373Z

Modified

2026-02-18T00:20:42.693464Z

Severity

9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.

References

Affected packages

Git / github.com/xtermjs/xterm.js

Affected ranges

Type: GIT
Repo: https://github.com/xtermjs/xterm.js
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

6d6be9bed8dc10e07054431303d7e499cfd598cd

Affected versions

0.*

0.10

0.11

0.12

0.13

0.14

0.15

0.16

0.17

0.18

0.19

0.20

0.21

0.22

0.23

0.24

0.25

0.26

0.27

0.29

0.3

0.30

0.31

0.32

0.33

0.4

0.5

0.6

0.7

0.8

0.9

0.9.1

0.9.2

0.9.3

1.*

1.0.0

1.1.0

1.1.1

1.1.2

1.1.3

2.*

2.0.0

2.0.1

2.1.0

2.2.0

2.2.1

2.2.2

2.2.3

2.3.0

2.3.1

2.3.2

2.4.0

2.5.0

2.6.0

2.7.0

2.8.0

2.8.1

2.9.0

2.9.1

2.9.2

3.*

3.0.0

3.1.0

3.10.0

3.11.0

3.2.0

3.3.0

3.4.0

3.5.0

3.6.0

3.7.0

3.8.0

3.9.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1003031.json"