CVE-2019-10306

CVE-2019-10306

EPSS 2.4%

A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.

Affected products

Jenkins project · Jenkins ontrack Plugin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jenkins.io/security/advisory/2019-04-17/#SECURITY-1341 http://www.securityfocus.com/bid/108045