Medium severity6.5NVD Advisory· Published Jan 29, 2018· Updated Jun 17, 2026
CVE-2017-1000355
CVE-2017-1000355
Description
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.main:jenkins-coreMaven | >= 2.50, < 2.57 | 2.57 |
org.jenkins-ci.main:jenkins-coreMaven | < 2.46.2 | 2.46.2 |
Affected products
1Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/98066nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-4466-8jm4-448pghsaADVISORY
- jenkins.io/security/advisory/2017-04-26/nvdVendor Advisory
- nvd.nist.gov/vuln/detail/CVE-2017-1000355ghsaADVISORY
- github.com/jenkinsci/jenkins/commit/701ea95a52afe53bee28f76a3f96eb0e578852e9ghsaWEB
- github.com/jenkinsci/jenkins/commit/f7075e60772bd2fa15bcc72450735641c168fed5ghsaWEB
- jenkins.io/security/advisory/2017-04-26ghsaWEB
News mentions
0No linked articles in our index yet.