/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-8r49-hfc8-c22c

Published

Last updated

https://images.chainguard.dev/security/CGA-8r49-hfc8-c22c
Package

jenkins

RepositoryWolfi
Latest Update
Not affected
Aliases
  • CVE-2016-1000027
  • GHSA-4wrc-f8pq-fpqp

Severity

9.8

Critical

CVSS V3

References

  • https://nvd.nist.gov/vuln/detail/CVE-2016-1000027
  • https://github.com/advisories/GHSA-4wrc-f8pq-fpqp

Updates

Status

Not affected

Justification

Vulnerable code not present

Impact

This CVE is disputed by upstream Spring Framework developers: https://github.com/spring-projects/spring-framework/issues/24434#issuecomment-582313417. The Spring Framework provides an option to invoke ObjectInputStream (along with documented warnings). The presence of this capability in the Spring Framework doesn't represent a vulnerability.

Status

Not affected

Justification

Vulnerable code not in execute path

Impact

Data serialization is performed by the Jenkins framework, nothing specific to this application.

Status

Under investigation

Safe Source for Open Source™
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal