CVE-2021-21604

Deserialization of Untrusted Data in maven/org.jenkins-ci.main/jenkins-core

Identifiers

CVE-2021-21604

Package Slug

maven/org.jenkins-ci.main/jenkins-core

Vulnerability

Deserialization of Untrusted Data

Description

Jenkins allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instantiation of potentially unsafe objects once discarded by an administrator.

Affected Versions

All versions after 2.263.1 up to 2.274

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-01-18

source