Description
Jenkins 2.73.1 and earlier, and 2.83 and earlier, bundled a version of the commons-fileupload library affected by the denial-of-service vulnerability known as CVE-2016-3092. The fix for that vulnerability has been backported to the version of the library bundled with Jenkins.
Remediation
References