Jenkins Pipeline\
3 CVEs affecting Jenkins Pipeline\. Latest disclosed: 2026-05-27. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-1000096 | High | 8.8 | 2017-10-05 | Arbitrary code execution due to incomplete sandbox protection: Constructors, instance variable initializers, and instance initializers in Pipeline scripts were… |
CVE-2026-48921 | High | 7.5 | 2026-05-27 | Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and earlier does not prohibit symbolic links in shared libraries, allowing attackers able to co… |
CVE-2017-1000089 | Medium | 5.3 | 2017-10-05 | Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins. The Pipeli… |