search

jfrog / jenkins-artifactory-plugin

Jenkins artifactory plugin
http://jenkins-ci.org/
114 stars 186 forks source link

[🐸 Frogbot] Update version of org.jenkins-ci.plugins.workflow:workflow-cps to 2.65 #840

Open github-actions[bot] opened 1 year ago

github-actions[bot] commented 1 year ago

πŸ“¦ Vulnerable Dependencies

✍️ Summary

| SEVERITY | CONTEXTUAL ANALYSIS | DIRECT DEPENDENCIES | IMPACTED DEPENDENCY | FIXED VERSIONS | | :---------------------: | :----------------------------------: | :----------------------------------: | :-----------------------------------: | :---------------------------------: | | ![](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/applicableCriticalSeverity.png)
Critical | $\color{}{\textsf{Undetermined}}$ |org.jenkins-ci.plugins.workflow:workflow-cps:2.61.1 | org.jenkins-ci.plugins.workflow:workflow-cps:2.61.1 | 2.65 |

πŸ‘‡ Details

Description:

A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.