WEB APPLICATION VULNERABILITIES Standard & Premium

Jenkins Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3666)

Description

Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.

Remediation

References

Related Vulnerabilities

YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111)

SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2021-34520)

Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)

WordPress Plugin MPL-Publisher-Create your Ebook & Audiobook Cross-Site Scripting (1.30.2)

WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Arbitrary File Write (3.37.14)

Severity

High

Classification

CVE-2014-3666 CWE-94

Tags

Missing Update Known Vulnerabilities