CVE-2017-1000394

Name of the Vulnerable Software and Affected Versions Jenkins versions prior to 2.73.1 Jenkins version 2.83 and earlier

Description The issue is related to a denial-of-service vulnerability in the commons-fileupload library bundled with Jenkins. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited. The vulnerability is related to the commons-fileupload library, but specific technical details about exploitation, such as API endpoints, vulnerable parameters, or function names, are not provided.

Recommendations For Jenkins versions prior to 2.73.1, update the commons-fileupload library to a version that includes the backported fix. For Jenkins version 2.83 and earlier, update the commons-fileupload library to a version that includes the backported fix.