Lucene search
K

7 matches found

UbuntuCve
UbuntuCve
added 2018/01/29 5:29 p.m.29 views

CVE-2017-1000355

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void...

6.5CVSS6.8AI score0.01776EPSS
Exploits1References1
NVD
NVD
added 2018/01/29 5:29 p.m.16 views

CVE-2017-1000355

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void...

6.5CVSS6.4AI score0.01776EPSS
Exploits1References2
OSV
OSV
added 2018/01/29 5:29 p.m.17 views

CVE-2017-1000355

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void...

6.5CVSS6.7AI score
Exploits0References2
CVE
CVE
added 2018/01/29 5:0 p.m.101 views

CVE-2017-1000355

CVE-2017-1000355 is described in the sources as a Denial of Service vulnerability in Jenkins caused by an XStream deserialization issue that crashes the JVM when attempting to instantiate void/Void. Affected are Jenkins versions 2.56 and earlier and 2.46.1 LTS and earlier (per the initial descrip...

6.5CVSS7.2AI score0.01776EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/05/04 12:0 a.m.242 views

Jenkins < 2.46.2 / 2.57 and Jenkins Enterprise < 1.625.24.1 / 1.651.24.1 / 2.7.24.0.1 / 2.46.2.1 Multiple Vulnerabilities

The version of Jenkins running on the remote web server is prior to 2.57 or is a version of Jenkins LTS prior to 2.46.2, or else it is a version of Jenkins Enterprise that is 1.625.x.y prior to 1.625.24.1, 1.651.x.y prior to 1.651.24.1, 2.7.x.0.y prior to 2.7.24.0.1, or 2.x.y.z prior to 2.46.2.1...

9.8CVSS8.5AI score0.99686EPSS
Exploits39References7
seebug.org
seebug.org
added 2017/04/28 12:0 a.m.35 views

Jenkins XStream: Java crash when trying to instantiate void/Void (CVE-2017-1000355)

Jenkins uses the XStream library to serialize and deserialize XML. Its maintainer recently published a security vulnerability that allows anyone able to provide XML to Jenkins for processing using XStream to crash the Java process. In Jenkins this typically applies to users with permission to...

6.8AI score0.01776EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/04/28 12:0 a.m.56 views

Jenkins Multiple Vulnerabilities (Apr 2017) - Linux

Multiple cross-site request forgery CSRF vulnerabilities in Jenkins allow malicious users to perform several administrative actions by tricking a victim into opening a web page. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

9.8CVSS7.9AI score0.99686EPSS
Exploits39References4
Rows per page
Query Builder