Lucene search
+L

CloudBees Jenkins Deserialized URL Object Bypass Vulnerability

🗓️ 27 Aug 2018 00:00:00Reported by China National Vulnerability DatabaseType 
cnvd
 cnvd
🔗 www.cnvd.org.cn👁 4 Views

CloudBees Jenkins deserialization URL object bypass in XStream2.java causes domain resolution during URL deserialization.

Related
Refs
ReporterTitlePublishedViews
Family
cve
CVE-2018-1999042
23 Aug 201818:00
cve
cvelist
CVE-2018-1999042
23 Aug 201818:00
cvelist
euvd
EUVD-2022-1940
3 Oct 202520:07
euvd
github
Deserialization of Untrusted Data in Jenkins
14 May 202201:04
github
nessus
Jenkins < 2.121.3 / 2.138 Multiple Vulnerabilities
6 Sep 201800:00
nessus
nvd
CVE-2018-1999042
23 Aug 201818:29
nvd
openvas
Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities - Linux
27 Aug 201800:00
openvas
openvas
Jenkins < 2.138 and < 2.121.3 LTS Multiple Vulnerabilities - Windows
27 Aug 201800:00
openvas
osv
GHSA-28P3-MCHR-9FRJ Deserialization of Untrusted Data in Jenkins
14 May 202201:04
osv
prion
Design/Logic Flaw
23 Aug 201818:29
prion
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

22 Jul 2019 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS 25
CVSS 35.3
EPSS0.01459
4