A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and previous versions in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins pipeline\\ _groovy |
||
redhat openshift container platform 3.11 |