0.008 Low
EPSS
Percentile
81.9%
Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
bugzilla.redhat.com/show_bug.cgi?id=1816433
jenkins.io/security/advisory/2020-03-25/#SECURITY-1739
nvd.nist.gov/vuln/detail/CVE-2020-2167
www.cve.org/CVERecord?id=CVE-2020-2167