THREAT OPS › CVEs › CVE-2017-1000353
CVE-2017-1000353 — Jenkins Remote Code Execution Vulnerability
Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection mechanism.
Vulnerability details
- Affected productsJenkins
- KEV remediation due2025-10-23