logo
DATABASE RESOURCES PRICING ABOUT US

Improper Neutralization of Special Elements used in an LDAP Query in Jenkins

Description

The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.


Affected Software


CPE Name Name Version
org.jenkins-ci.main:jenkins-core 2.19.2
org.jenkins-ci.main:jenkins-core 2.20
org.jenkins-ci.main:jenkins-core 2.31

Related