CVE-2019-10306

A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt