Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:16901
HistoryMay 02, 2019 - 5:29 a.m.

Arbitrary Code Execution

2019-05-0205:29:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

EPSS

0.972

Percentile

99.9%

JSON

jenkins is vulnerable to arbitrary code execution. Remotely authenticated users are able to execute arbitrary code using malicious XML file containing serialized data.

Related

exploitpack 1
ubuntucve 1
checkpoint_advisories 1
mageia 1
prion 1
exploitdb 2
nessus 7
packetstorm 2
saint 3
cve 1
openvas 8
seebug 2
metasploit 1
zdt 2
cvelist 1
nvd 1
fedora 4
freebsd 1
redhat 2
exploitpack
exploitpack
Jenkins 1.650 - Java Deserialization
2017-07-30 00:00:00
ubuntucve
ubuntucve
CVE-2016-0792
2016-04-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Jenkins CI Server XStream Insecure Deserialization (CVE-2016-0792)
2016-05-26 00:00:00
mageia
mageia
Updated jenkins-remoting packages fix CVE-2016-0792
2016-05-05 19:26:44
prion
prion
Design/Logic Flaw
2016-04-07 23:59:00
exploitdb
exploitdb
Jenkins < 1.650 - Java Deserialization
2017-07-30 00:00:00
Jenkins - XStream Groovy classpath Deserialization (Metasploit)
2017-12-19 00:00:00
nessus
nessus
Jenkins < 1.642.2 / 1.650 Java Object Deserialization RCE
2016-02-29 00:00:00
Fedora 23 : jenkins-1.625.3-3.fc23 / jenkins-remoting-2.53.3-1.fc23 (2016-641c8b4eb2)
2016-03-18 00:00:00
FreeBSD : jenkins -- multiple vulnerabilities (7e01df39-db7e-11e5-b937-00e0814cab4e)
2016-02-25 00:00:00
packetstorm
packetstorm
Jenkins Java Deserialization
2017-07-30 00:00:00
Jenkins XStream Groovy Classpath Deserialization
2017-12-19 00:00:00
saint
saint
Jenkins groovy.util.Expando Java deserialization vulnerability
2017-08-15 00:00:00
Jenkins groovy.util.Expando Java deserialization vulnerability
2017-08-15 00:00:00
Jenkins groovy.util.Expando Java deserialization vulnerability
2017-08-15 00:00:00
cve
cve
CVE-2016-0792
2016-04-07 23:59:03
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0162)
2016-05-09 00:00:00
Jenkins Deserialization Vulnerability - CVE-2016-0792
2017-08-10 00:00:00
Fedora Update for jenkins-remoting FEDORA-2016-0
2016-03-18 00:00:00
seebug
seebug
Jenkins 低权限用户 API 服务调用 可致远程命令执行
2016-02-26 00:00:00
XStream 反序列化漏洞
2016-03-02 00:00:00
metasploit
metasploit
Jenkins XStream Groovy classpath Deserialization Vulnerability
2017-11-07 14:46:42
zdt
zdt
Jenkins < 1.650 - Java Deserialization Exploit
2017-07-31 00:00:00
Jenkins XStream Groovy classpath Deserialization Exploit
2017-12-19 00:00:00
cvelist
cvelist
CVE-2016-0792
2016-04-07 23:00:00
nvd
nvd
CVE-2016-0792
2016-04-07 23:59:03
fedora
fedora
[SECURITY] Fedora 23 Update: jenkins-1.625.3-3.fc23
2016-03-17 21:00:40
[SECURITY] Fedora 22 Update: jenkins-1.609.3-6.fc22
2016-03-17 21:25:57
[SECURITY] Fedora 23 Update: jenkins-remoting-2.53.3-1.fc23
2016-03-17 21:00:40
freebsd
freebsd
jenkins -- multiple vulnerabilities
2016-02-24 00:00:00
redhat
redhat
(RHSA-2016:0711) Important: jenkins security update
2016-05-03 15:17:11
(RHSA-2016:1773) Important: Red Hat OpenShift Enterprise 2.2.10 security, bug fix, and enhancement update
2016-08-24 19:27:03

EPSS

0.972

Percentile

99.9%

JSON
Related for VERACODE:16901
exploitpack1ubuntucve1checkpoint_advisories1mageia1prion1exploitdb2nessus7packetstorm2saint3cve1openvas8seebug2metasploit1zdt2cvelist1nvd1fedora4freebsd1redhat2