mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 10:14:49 +02:00
0xMarcio
673 B
673 B
CVE-2018-1999042
Description
A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL.
POC
Reference
No PoCs from references.