NuytsTech Security

CVE-2016-9299

by ·

The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.

Date published : 2017-01-12

http://www.securityfocus.com/bid/94281

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-11-16

Tags: