jenkins -- DoS vulnerability in bundled XStream library

🗓️ 09 Feb 2022 00:00:00Reported by FreeBSDType

DoS vulnerability in bundled XStream librar

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 78
Cvelist	CVE-2022-0538	9 Feb 202213:30	–	cvelist
Cvelist	CVE-2021-43859 Denial of Service by injecting highly recursive collections or maps in XStream	1 Feb 202212:08	–	cvelist
Tenable Nessus	Jenkins Enterprise and Operations Center 2.277.x < 2.277.43.0.6 / 2.303.x < 2.303.30.0.5 / 2.319.3.3 Multiple DoS (CloudBees Security Advisory 2022-02-09)	7 Mar 202200:00	–	nessus
Tenable Nessus	Jenkins LTS < 2.319.3 / Jenkins weekly < 2.334 Multiple Vulnerabilities	9 Feb 202200:00	–	nessus
Tenable Nessus	FreeBSD : jenkins -- DoS vulnerability in bundled XStream library (0b0ad196-1ee8-4a98-89b1-4d5d82af49a9)	11 Feb 202200:00	–	nessus
Tenable Nessus	Debian DLA-2924-1 : libxstream-java - LTS security update	16 Feb 202200:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : xstream (SUSE-SU-2022:0817-1)	15 Mar 202200:00	–	nessus
Tenable Nessus	openSUSE 15 Security Update : xstream (openSUSE-SU-2022:0817-1)	17 Mar 202200:00	–	nessus
Tenable Nessus	Debian dla-4001 : libxstream-java - security update	21 Dec 202400:00	–	nessus
Tenable Nessus	Oracle WebCenter Sites (Oct 2022 CPU)	21 Oct 202200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	jenkins	2.334	UNKNOWN
FreeBSD	any	noarch	jenkins-lts	2.319.3	UNKNOWN

Source	Link
jenkins	www.jenkins.io/security/advisory/2022-02-09/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Feb 2022 00:00Current

2.4Low risk

Vulners AI Score2.4

CVSS25

CVSS37.5

EPSS0.03149

SSVC