CRITICAL
Jenkins
CVE published 2017-01-12
CVE-2016-9299
CVE-2016-9299 is a critical Jenkins vulnerability affecting the remoting module. According to the official record, versions before Jenkins 2.32 and LTS before 2.19.3 allow remote attackers to execute arbitrary code through a crafted serialized Java object that triggers an LDAP query to a third-party server. NVD lists this as a network-reachable, no-authentication issue with high impact to confidentiality, [truncated]