CVE-2019-10306

CVE-2019-10306

EPSS 2.4%

A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.

Produtos afetados

Jenkins project · Jenkins ontrack Plugin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://jenkins.io/security/advisory/2019-04-17/#SECURITY-1341 http://www.securityfocus.com/bid/108045