CVE-2019-1003030

A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.
Configurations

Configuration 1

cpe:2.3:a:jenkins:pipeline:_groovy:*:*:*:*:*:jenkins:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*

Information

Published : 2019-03-08 09:29

Updated : 2020-10-19 06:15


NVD link : CVE-2019-1003030

Mitre link : CVE-2019-1003030

Products Affected
No products.
CWE