Pipeline: Groovy

CloudBees CIVersion: 4117.vc0f3c515a_a_a_0

Tier 2: Compatible

Plugin ID: workflow-cps

Minimum Jenkins required: 2.479.3

Last released: 5 days, 15 hours ago

Pipeline execution engine based on continuation passing style transformation of Groovy scripts.

Arbitrary code execution due to incomplete sandbox protection(last version affected: 2.36)
Script Security sandbox bypass(last version affected: 2.59)
Script Security sandbox bypass(last version affected: 2.61)
Script security sandbox bypass(last version affected: 2.63)
Script Security sandbox bypass(last version affected: 2.64)
Sandbox bypass via default method parameter expression(last version affected: 2.78)
Sensitive information disclosure(last version affected: 2648.va9433432b33c)
OS command execution vulnerabilities in Pipeline-related plugins(last version affected: 2648.va9433432b33c)
Vulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controller(last version affected: 2648.va9433432b33c)
Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files(last version affected: 2689.v434009a_31b_f1)
Sandbox bypass vulnerability(last version affected: 2802.v5ea_628154b_c2)
Rebuilding a run with revoked script approval allowed(last version affected: 3990.vd281dd77a_388)

Pipeline: Groovy 4117.vc0f3c515a_a_a_0

SHA1:

3ff1c66b4a54dc01296dccbc471db1385948b45f

SHA256:

4b3bd9f9fe9400e22f9a5e5853f6e9b74fcb6bc7c5ba25ce49d90d85e68b74ae

Maintainers:

Dependencies:

All CloudBees CI Plugins