Affecting org.jenkins-ci.plugins:script-security artifact, versions [,1.75)Report new vulnerabilities
org.jenkins-ci.plugins:script-security is a package that allows Jenkins administrators to control what in-process scripts can be run by less-privileged users.
Affected versions of this package are vulnerable to Sandbox Bypass. Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be allowed.
org.jenkins-ci.plugins:script-security to version 1.75 or higher.