CVE-2019-10417: Incorrect Authorization in Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin
(updated )
Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom allow list for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.
References
Detect and mitigate CVE-2019-10417 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →