YSOSerial

2 exploits Active since Jan 2017
CVE-2016-9299 METASPLOIT CRITICAL ruby WORKING POC
Jenkins < 2.32 and LTS < 2.19.3 - Remote Code Execution via LDAP Query Injection
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
CVSS 9.8
CVE-2016-9299 EXPLOITDB CRITICAL ruby WORKING POC
Jenkins < 2.32 and LTS < 2.19.3 - Remote Code Execution via LDAP Query Injection
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
CVSS 9.8