CVE-2021-21604: Deserialization of Untrusted Data
(updated )
Jenkins allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instantiation of potentially unsafe objects once discarded by an administrator.
References
Code Behaviors & Features
Detect and mitigate CVE-2021-21604 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →