Description
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.
Remediation
References
http://www.securityfocus.com/bid/98066
https://jenkins.io/security/advisory/2017-04-26/
Related Vulnerabilities
CVE-2023-30522 Vulnerability in maven package org.jenkins-ci.plugins:fogbugz
CVE-2016-10571 Vulnerability in npm package bkjs-wand
CVE-2022-36901 Vulnerability in maven package org.jenkins-ci.plugins:http_request
CVE-2021-40369 Vulnerability in maven package org.apache.jspwiki:jspwiki-main
CVE-2022-23457 Vulnerability in maven package org.owasp.esapi:esapi