Vulnerabilities > Jenkins > Pipeline > groovy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-05 | CVE-2017-1000096 | Incorrect Permission Assignment for Critical Resource vulnerability in Jenkins Pipeline: Groovy Arbitrary code execution due to incomplete sandbox protection: Constructors, instance variable initializers, and instance initializers in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. | 6.5 |