Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability

Known Exploited Vulnerability

CVE-2018-1000861, Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A code execution vulnerability exists in the Stapler web framework used by Jenkins.

The following remediation steps are recommended / required by August 10, 2022: Apply updates per vendor instructions.