CVE-2019-1003000: Code Injection
(updated )
A sandbox bypass vulnerability exists in Script Security Plugin that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
References
Detect and mitigate CVE-2019-1003000 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →