Jenkins Code Coverage API Plugin 1.4.0 and previous versions does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins code coverage api |