Описание
Script security sandbox bypass in Matrix Project Plugin
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
Ссылки
Пакеты
org.jenkins-ci.plugins:matrix-project
< 1.14
1.14
Связанные уязвимости
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
Уязвимость компонентов pom.xml и FilterScript.java плагина Jenkins Matrix Project, позволяющая нарушителю выполнить произвольный код