Vulnerabilities > Jenkins > Pipeline > groovy
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-05 | CVE-2017-1000096 | Incorrect Permission Assignment for Critical Resource vulnerability in Jenkins Pipeline: Groovy Arbitrary code execution due to incomplete sandbox protection: Constructors, instance variable initializers, and instance initializers in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. | 8.8 |