Description
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
Remediation
References
Related Vulnerabilities
WordPress Plugin Comic Book Management System SQL Injection (2.1.0)
Nginx Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-1247)
MySQL CVE-2018-2777 Vulnerability (CVE-2018-2777)
Magento Improper Authorization Vulnerability (CVE-2021-21026)
WordPress Plugin Chameleoni Jobs Multiple Cross-Site Scripting Vulnerabilities (1.2.2)