CVE-2017-1000355

Опубликовано: 29 янв. 2018

Источник: debian

EPSS Низкий

Описание

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

EPSS

Процентиль: 62%

0.00429

Низкий

CVE-2017-1000355

CVSS3: 6.5

ubuntu

около 8 лет назад

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.

CVE-2017-1000355

CVSS3: 5.9

redhat

почти 9 лет назад

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.

CVE-2017-1000355

CVSS3: 6.5

nvd

около 8 лет назад

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.

GHSA-4466-8jm4-448p

CVSS3: 6.5

github

больше 3 лет назад

Deserialization of Untrusted Data in Jenkins

EPSS

Процентиль: 62%

0.00429

Низкий