Security Advisory

CVE-2024-52554

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-13 20:53:03
Last updated 2024-11-13 21:36:03
Assigner jenkins
State PUBLISHED

Description

Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that theyre not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override that runs without sandbox protection.