Description
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-fileupload library with the denial-of-service vulnerability known as CVE-2016-3092. The fix for that vulnerability has been backported to the version of the library bundled with Jenkins.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-2001-0333)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5868)
WordPress Plugin Event Banner Arbitrary File Upload (1.3)
Oracle Database Server CVE-2008-2604 Vulnerability (CVE-2008-2604)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7572)