CVE-2019-1003000

Name of the Vulnerable Software and Affected Versions: Script Security Plugin versions 1.49 and earlier

Description: A sandbox bypass issue exists that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM. This is due to a vulnerability in the src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java file.

Recommendations: For Script Security Plugin versions 1.49 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.