VYPR
← All advisories
High severityNVD Advisory· Published Feb 6, 2019· Updated Sep 16, 2024

CVE-2019-1003006

CVE-2019-1003006

Description

A sandbox bypass in Jenkins Groovy Plugin 2.0 and earlier allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins controller via an unsafe AST-transformation validation endpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A sandbox bypass in Jenkins Groovy Plugin 2.0 and earlier allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins controller via an unsafe AST-transformation validation endpoint.

Vulnerability

The Jenkins Groovy Plugin before version 2.1 contains a sandbox bypass vulnerability in src/main/java/hudson/plugins/groovy/StringScriptSource.java [1][2]. The plugin exposes a form validation HTTP endpoint that compiles a user-submitted Groovy script without sandbox protection [1]. This allows attackers who have at least Overall/Read permission to bypass the Script Security sandbox by applying AST-transforming annotations such as @Grab to source code elements, resulting in arbitrary code execution on the Jenkins master JVM [1][2]. All versions of the Groovy Plugin up to and including 2.0 are affected [2].

Exploitation

An attacker who has Overall/Read permission in a Jenkins instance can exploit this by submitting a crafted Groovy script to the validation endpoint [1]. The attacker can use AST-transforming annotations (e.g., @Grab, @ASTTest) to execute arbitrary Groovy code during the compilation phase, bypassing the usual sandbox restrictions [1]. No other authentication or user interaction beyond the initial permission is required; the attack is performed over HTTP against the vulnerable endpoint [1][2].

Impact

Successful exploitation allows the attacker to execute arbitrary code in the context of the Jenkins master JVM [1][2]. This can lead to full compromise of the Jenkins controller, including the ability to read, modify, or delete sensitive data, install malware, or pivot to other systems reachable from the Jenkins server [1][2]. The attacker gains effectively the same privileges as the Jenkins process itself [1].

Mitigation

The fix was released in Jenkins Groovy Plugin version 2.1 on 2019-01-28 [1]. The fix ensures that the validation HTTP endpoint applies a safe Groovy compiler configuration that prohibits the use of unsafe AST-transforming annotations [1][3]. Users should upgrade to the latest version of the plugin. No known workarounds are available; users who cannot upgrade should restrict access to the affected form validation endpoint as much as possible [1].

References
  1. Jenkins Security Advisory 2019-01-28
  2. NVD - CVE-2019-1003006
  3. [SECURITY-1293] Secure the script check in StringScriptSource · jenkinsci/groovy-plugin@212e048

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.plugins:groovyMaven
< 2.12.1

Affected products

2

Patches

1
212e048a319a

[SECURITY-1293] Secure the script check in StringScriptSource

https://github.com/jenkinsci/groovy-pluginAndrew BayerJan 22, 2019via ghsa
commit
3 files changed · +67 5
  • pom.xml+4 4 modified
    @@ -4,7 +4,7 @@
     <parent>
         <groupId>org.jenkins-ci.plugins</groupId>
         <artifactId>plugin</artifactId>
-        <version>2.19</version>
+        <version>3.21</version>
         <relativePath />
     </parent>
 
@@ -15,8 +15,8 @@
     <url>http://wiki.jenkins-ci.org/display/JENKINS/Groovy+plugin</url>
 
     <properties>
-        <jenkins.version>1.580.3</jenkins.version>
-        <java.level>6</java.level>
+        <jenkins.version>2.7.3</jenkins.version>
+        <java.level>7</java.level>
     </properties>
 
     <developers>
@@ -53,7 +53,7 @@
         <dependency>
             <groupId>org.jenkins-ci.plugins</groupId>
             <artifactId>script-security</artifactId>
-            <version>1.24</version>
+            <version>1.50</version>
         </dependency>
     </dependencies>
  • src/main/java/hudson/plugins/groovy/StringScriptSource.java+2 1 modified
    @@ -10,6 +10,7 @@
 
 import java.io.IOException;
 import org.codehaus.groovy.control.CompilationFailedException;
+import org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
 
@@ -67,7 +68,7 @@ public FormValidation doCheckScript(@QueryParameter String command) {
                 return FormValidation.error("Script seems to be empty string!");
 
             try {
-                new GroovyShell().parse(command);
+                new GroovyShell(GroovySandbox.createSecureCompilerConfiguration()).parse(command);
                 return FormValidation.ok("So far so good");
             } catch (CompilationFailedException e) {
                 return FormValidation.error(e.getMessage());
  • src/test/java/hudson/plugins/groovy/StringScriptSourceTest.java+61 0 added
    @@ -0,0 +1,61 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2019, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package hudson.plugins.groovy;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
+
+public class StringScriptSourceTest {
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Issue("SECURITY-1293")
+    @Test
+    public void blockASTTest() throws Exception {
+        StringScriptSource.DescriptorImpl d = j.jenkins.getDescriptorByType(StringScriptSource.DescriptorImpl.class);
+        assertThat(d.doCheckScript("import groovy.transform.*\n" +
+                "import jenkins.model.Jenkins\n" +
+                "import hudson.model.FreeStyleProject\n" +
+                "@ASTTest(value={ assert Jenkins.getInstance().createProject(FreeStyleProject.class, \"should-not-exist\") })\n" +
+                "@Field int x\n" +
+                "echo 'hello'\n").toString(), containsString("Annotation ASTTest cannot be used in the sandbox"));
+
+        assertNull(j.jenkins.getItem("should-not-exist"));
+    }
+
+    @Issue("SECURITY-1293")
+    @Test
+    public void blockGrab() throws Exception {
+        StringScriptSource.DescriptorImpl d = j.jenkins.getDescriptorByType(StringScriptSource.DescriptorImpl.class);
+        assertThat(d.doCheckScript("@Grab(group='foo', module='bar', version='1.0')\ndef foo\n").toString(),
+                containsString("Annotation Grab cannot be used in the sandbox"));
+    }
+}

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

4

News mentions

0

No linked articles in our index yet.