Description
Jenkins 2.73.1 and earlier, and 2.83 and earlier, bundled a version of the commons-fileupload library affected by the denial-of-service vulnerability known as CVE-2016-3092. The fix for that vulnerability has been backported to the version of the library bundled with Jenkins.
Remediation
References