CVE-2019-1003041

A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.
Configurations

Configuration 1

cpe:2.3:a:jenkins:pipeline:_groovy:*:*:*:*:*:jenkins:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*

Information

Published : 2019-03-28 06:29

Updated : 2020-09-30 12:41


NVD link : CVE-2019-1003041

Mitre link : CVE-2019-1003041

Products Affected
No products.
CWE
CWE-470

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')