CVE-2017-1000353: Jenkins Remote Code Execution Vulnerability
Jenkins contains a remote code execution vulnerability. It could allow attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, which would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection mechanism.
- CISA KEV-listed (remediation due 2025-10-23)
- EPSS 94.5% (100.0% percentile)