CVE-2019-10306

Summary

A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins ontrack Plugin3.4 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References