Description
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.
Remediation
References
http://www.securityfocus.com/bid/98066
https://jenkins.io/security/advisory/2017-04-26/
Related Vulnerabilities
CVE-2020-28052 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15on
CVE-2020-6462 Vulnerability in npm package electron
CVE-2022-24785 Vulnerability in npm package moment
CVE-2023-24807 Vulnerability in maven package org.webjars.npm:undici
CVE-2022-26049 Vulnerability in maven package com.diffplug.gradle:goomph