Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jenkins Deserialization of Untrusted Data Vulnerability - CVE-2021-21604 - Vulnerability Database
Jenkins

Jenkins Deserialization of Untrusted Data Vulnerability - CVE-2021-21604

High
Reference: CVE-2021-21604
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-21604
Title: Jenkins Deserialization of Untrusted Data Vulnerability
Overview:

Jenkins 2.274 and earlier LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instantiation of potentially unsafe objects once discarded by an administrator.