Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
NVDKnown Exploited Vulnerability
CVE-2018-1000861, Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A code execution vulnerability exists in the Stapler web framework used by Jenkins.
The following remediation steps are recommended / required by August 10, 2022: Apply updates per vendor instructions.