CISA description
A code execution vulnerability exists in the Stapler web framework used by Jenkins
CVE-2018-1000861
Jenkins · Jenkins Stapler Web Framework
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.