Описание
Sandbox bypass in ontrack Jenkins Plugin
A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.
Пакеты
Наименование
org.jenkins-ci.plugins:ontrack
maven
Затронутые версииВерсия исправления
< 3.4.1
3.4.1
Связанные уязвимости
CVSS3: 9.9
nvd
почти 7 лет назад
A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.