CVE Vulnerability
CVE-2022-41237
Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
References
| Link | Resource |
|---|---|
| https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-1737 | Vendor Advisory |
Configurations
Configuration 1
|
Information
Published : 2022-09-21 04:15
Updated : 2022-09-22 04:07
NVD link : CVE-2022-41237
Mitre link : CVE-2022-41237
Products Affected
No products.
CWE
CWE-502
Deserialization of Untrusted Data