logo
DATABASE RESOURCES PRICING ABOUT US

jenkins -- Remote code execution vulnerability in remoting module

Description

Jenkins Security Advisory: An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java object to the Jenkins CLI, making Jenkins connect to an attacker-controlled LDAP server, which in turn can send a serialized payload leading to code execution, bypassing existing protection mechanisms.


Affected Package


OS OS Version Package Name Package Version
FreeBSD any jenkins 2.31
FreeBSD any jenkins-lts 2.19.2

Related