Incorrect Authorization in Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin
Critical severity
GitHub Reviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jul 17, 2023
Package
Affected versions
<= 1.6
Patched versions
None
Description
Published by the National Vulnerability Database
Sep 25, 2019
Published to the GitHub Advisory Database
May 24, 2022
Reviewed
Sep 8, 2022
Last updated
Jul 17, 2023
Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.
References