CVSS Score

The vulnerability stems from insufficient restriction of AST transformations during Groovy script compilation in the Script Security plugin. Groovy annotations such as @Grab and @ASTTest are backed by AST transformations that execute inside the compiler's JVM at compile time, before the sandbox's runtime interceptors ever see the script, so a script author could run arbitrary code in the Jenkins JVM without any sandbox check. Commit 2c5122e fixed this in createSecureCompilerConfiguration(), the function that builds the CompilerConfiguration used for sandboxed scripts: it added a RejectASTTransformsCustomizer, which fails compilation when such annotations are present, and disabled the GrabAnnotationTransformation global transform so that @Grab is never processed at all. Vulnerable versions lacked both protections, allowing malicious AST transforms to execute arbitrary code. Because createSecureCompilerConfiguration() is where the compiler's security settings are applied, it is the core vulnerable component.
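The following Groovy script is an added illustration of the two protections described above; it is not the plugin's own code. The class RejectCompileTimeTransforms is a hypothetical stand-in for RejectASTTransformsCustomizer, the hostile script and the compileTimeCodeRan system property are constructed for the demonstration, and the unhardened configuration is a plain CompilerConfiguration standing in for the pre-1.50 one (which had the runtime sandbox transformer but no AST-transform restriction). Groovy 2.4 or later is assumed.

```groovy
import org.codehaus.groovy.ast.AnnotatedNode
import org.codehaus.groovy.ast.AnnotationNode
import org.codehaus.groovy.ast.ClassCodeVisitorSupport
import org.codehaus.groovy.ast.ClassNode
import org.codehaus.groovy.ast.ImportNode
import org.codehaus.groovy.classgen.GeneratorContext
import org.codehaus.groovy.control.CompilationFailedException
import org.codehaus.groovy.control.CompilePhase
import org.codehaus.groovy.control.CompilerConfiguration
import org.codehaus.groovy.control.MultipleCompilationErrorsException
import org.codehaus.groovy.control.SourceUnit
import org.codehaus.groovy.control.customizers.CompilationCustomizer
import org.codehaus.groovy.control.messages.Message

// Hypothetical stand-in for the plugin's RejectASTTransformsCustomizer (added example, not plugin
// code): a CONVERSION-phase customizer that fails compilation as soon as an annotation backed by a
// code-running AST transform appears anywhere in the script.
class RejectCompileTimeTransforms extends CompilationCustomizer {
    static final Set<String> BLOCKED = [
        'groovy.transform.ASTTest',                                   // runs an arbitrary closure in the compiler
        'groovy.lang.Grab', 'groovy.lang.Grapes', 'groovy.lang.GrabConfig',
        'groovy.lang.GrabExclude', 'groovy.lang.GrabResolver',        // fetch and load jars at compile time
    ] as Set
    // At CONVERSION phase annotation names are not yet resolved, so "@ASTTest" reached through a
    // star import is seen as the bare simple name; block those too.
    static final Set<String> BLOCKED_SIMPLE = BLOCKED.collect { it.tokenize('.').last() } as Set

    RejectCompileTimeTransforms() { super(CompilePhase.CONVERSION) }

    @Override
    void call(SourceUnit source, GeneratorContext context, ClassNode classNode) throws CompilationFailedException {
        // "import groovy.transform.ASTTest as Harmless" would defeat a check on the annotation
        // name alone, so the import list is checked first.
        for (ImportNode imp : source.getAST().getImports()) {
            if (imp.getClassName() in BLOCKED) {
                reject(source, "import of ${imp.getClassName()}")
            }
        }
        new ClassCodeVisitorSupport() {
            SourceUnit getSourceUnit() { source }

            void visitAnnotations(AnnotatedNode node) {
                for (AnnotationNode an : node.getAnnotations()) {
                    String name = an.getClassNode().getName()
                    if (name in BLOCKED || name in BLOCKED_SIMPLE) {
                        reject(source, "annotation @${name}")
                    }
                }
                super.visitAnnotations(node)
            }
        }.visitClass(classNode)
    }

    static void reject(SourceUnit source, String what) {
        // Record the error and keep scanning; the compiler fails the unit at the end of the phase.
        source.getErrorCollector().addErrorAndContinue(
            Message.create("${what} is not allowed: it executes code at compile time".toString(), source))
    }
}

CompilerConfiguration secureConfig() {
    CompilerConfiguration cc = new CompilerConfiguration()
    cc.addCompilationCustomizers(new RejectCompileTimeTransforms())
    // @Grab is implemented as a *global* AST transform registered via META-INF/services, so it is
    // also switched off by class name; the annotation check above is defence in depth.
    cc.setDisabledGlobalASTTransformations(['groovy.grape.GrabAnnotationTransformation'] as Set)
    return cc
}

// Constructed hostile script: the @ASTTest closure runs while the compiler processes the
// annotation, so merely parsing it (never calling run()) executes the payload. A benign
// system property stands in for whatever an attacker would put there.
String hostile = '''
    @groovy.transform.ASTTest(value = { System.setProperty('compileTimeCodeRan', 'yes') })
    def marker = 1
'''

// Unhardened configuration: parse() alone fires the closure.
new GroovyShell(new CompilerConfiguration()).parse(hostile)
assert System.getProperty('compileTimeCodeRan') == 'yes'

// Hardened configuration: compilation is refused before any transformation can run.
System.clearProperty('compileTimeCodeRan')
try {
    new GroovyShell(secureConfig()).parse(hostile)
    assert false : 'expected compilation to be rejected'
} catch (MultipleCompilationErrorsException e) {
    assert e.getMessage().contains('ASTTest')
}
assert System.getProperty('compileTimeCodeRan') == null
println 'compile-time AST transforms rejected as expected'
```

Run it with `groovy example.groovy`. The point to take from the first half is that a runtime sandbox (method-call interception) never gets a chance to act, because the payload executes during compilation; the only effective control is to refuse the annotations before the transformation phase, which is why the fix lives in the compiler configuration rather than in the call interceptors. Administrators should confirm that the installed script-security plugin is 1.50 or later.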
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:script-security | maven | <= 1.49 | 1.50 |