Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57366

Script injection attack when using docker.image

XMLWordPrintable

    • 1.28

      myDocker = docker.image('maven:3.5.3-jdk-1.8| echo a')
      myDocker.pull()

      This will invoke docker pull and echo a which allow script injection to the system 

       

       

        1. image-2019-05-08-16-53-23-409.png
          image-2019-05-08-16-53-23-409.png
          2 kB

            rsandell rsandell
            liuchangcheng Changcheng Liu
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: