All vulnerabilities
CVE-2018-1000861
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
Jenkins — Jenkins Stapler Web Framework
- Added to KEV catalog
- 10 February 2022
- Federal remediation due date
- 10 August 2022
- Weakness classification (CWE)
- CWE-502
CISA Description
A code execution vulnerability exists in the Stapler web framework used by Jenkins
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-1000861
More Jenkins Vulnerabilities
CVE-2017-1000353
Jenkins Remote Code Execution Vulnerability
CVE-2024-23897
Jenkins Command Line Interface (CLI) Path Traversal Vulnerability
CVE-2015-5317
Jenkins User Interface (UI) Information Disclosure Vulnerability
CVE-2019-1003029
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
CVE-2019-1003030
Jenkins Matrix Project Plugin Remote Code Execution Vulnerability
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services