Description
A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM.
Remediation
References
https://jenkins.io/security/advisory/2019-04-17/#SECURITY-1341
http://www.securityfocus.com/bid/108045
Related Vulnerabilities
CVE-2022-31777 Vulnerability in maven package org.apache.spark:spark-core_2.13
CVE-2023-37895 Vulnerability in maven package org.apache.jackrabbit:jackrabbit-webapp
CVE-2013-2135 Vulnerability in maven package com.opensymphony:xwork-core
CVE-2022-41224 Vulnerability in maven package org.jenkins-ci.main:jenkins-core