CVE-2019-1003030

2019-03-20T01:20:27
ID RH:CVE-2019-1003030
Type redhatcve
Reporter redhat.com
Modified 2021-05-13T05:48:11

Description

A flaw was found in the Jenkins Workflow CPS plugin. Parsing, compilation, and script instantiations provided by a crafted Groovy script could escape the sandbox allowing users to execute arbitrary code on the Jenkins master. The highest risk from this vulnerability is to data confidentiality and integrity as well as system availability.