Open github-actions[bot] opened 11 months ago
Description:
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.
📦 Vulnerable Dependencies
✍️ Summary
Critical | Undetermined | org.jenkins-ci.plugins.workflow:workflow-cps:2.61.1 | org.jenkins-ci.plugins.workflow:workflow-cps:2.61.1 | [2.92.1]
[2.94.1]
[2656.vf7a] |
👇 Details
Description:
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.