CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Github Security Blog•added 2022/05/13 1:36 a.m.•37 views

Deserialization of Untrusted Data in Jenkins

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

8.8CVSS8.8AI score0.02976EPSS

Exploits1References6Affected Software1

Prion•added 2018/05/15 8:29 p.m.•21 views

Remote code execution

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

6.5CVSS8.8AI score0.02976EPSS

Exploits1References4Affected Software1

CVE•added 2018/05/15 8:0 p.m.•198 views

CVE-2017-2608

CVE-2017-2608 is a remote-code-execution vulnerability in Jenkins via deserialization in XStream-based APIs (javax.imageio). Affected are Jenkins versions before 2.44 and 2.32.2 (as listed in multiple advisories). The flaw arises from improper validation of user-supplied input before deserializat...

8.8CVSS7.1AI score0.02976EPSS

Exploits1References4Affected Software1

Cvelist•added 2018/05/15 8:0 p.m.•18 views

CVE-2017-2608

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

8.8CVSS6.5AI score0.02976EPSS

Exploits1References4

RedhatCVE•added 2017/02/02 3:19 p.m.•24 views

CVE-2017-2608

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

8.8CVSS6.2AI score0.02976EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by