CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7957

XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML("<void/>") call.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.042

EPSS Ranking 88.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2017-7957

Xstream Project » Xstream » Version: N/A

cpe:2.3:a:xstream_project:xstream:-
Xstream Project » Xstream » Version: 0.2

cpe:2.3:a:xstream_project:xstream:0.2
Xstream Project » Xstream » Version: 0.3

cpe:2.3:a:xstream_project:xstream:0.3
Xstream Project » Xstream » Version: 0.4

cpe:2.3:a:xstream_project:xstream:0.4
Xstream Project » Xstream » Version: 0.5

cpe:2.3:a:xstream_project:xstream:0.5
Xstream Project » Xstream » Version: 0.6

cpe:2.3:a:xstream_project:xstream:0.6
Xstream Project » Xstream » Version: 1.0

cpe:2.3:a:xstream_project:xstream:1.0
Xstream Project » Xstream » Version: 1.0.1

cpe:2.3:a:xstream_project:xstream:1.0.1
Xstream Project » Xstream » Version: 1.0.2

cpe:2.3:a:xstream_project:xstream:1.0.2
Xstream Project » Xstream » Version: 1.1

cpe:2.3:a:xstream_project:xstream:1.1
Xstream Project » Xstream » Version: 1.1.1

cpe:2.3:a:xstream_project:xstream:1.1.1
Xstream Project » Xstream » Version: 1.1.2

cpe:2.3:a:xstream_project:xstream:1.1.2
Xstream Project » Xstream » Version: 1.1.3

cpe:2.3:a:xstream_project:xstream:1.1.3
Xstream Project » Xstream » Version: 1.2

cpe:2.3:a:xstream_project:xstream:1.2
Xstream Project » Xstream » Version: 1.2.1

cpe:2.3:a:xstream_project:xstream:1.2.1
Xstream Project » Xstream » Version: 1.2.2

cpe:2.3:a:xstream_project:xstream:1.2.2
Xstream Project » Xstream » Version: 1.3

cpe:2.3:a:xstream_project:xstream:1.3
Xstream Project » Xstream » Version: 1.3.1

cpe:2.3:a:xstream_project:xstream:1.3.1
Xstream Project » Xstream » Version: 1.4

cpe:2.3:a:xstream_project:xstream:1.4
Xstream Project » Xstream » Version: 1.4.1

cpe:2.3:a:xstream_project:xstream:1.4.1
Xstream Project » Xstream » Version: 1.4.2

cpe:2.3:a:xstream_project:xstream:1.4.2
Xstream Project » Xstream » Version: 1.4.3

cpe:2.3:a:xstream_project:xstream:1.4.3
Xstream Project » Xstream » Version: 1.4.4

cpe:2.3:a:xstream_project:xstream:1.4.4
Xstream Project » Xstream » Version: 1.4.5

cpe:2.3:a:xstream_project:xstream:1.4.5
Xstream Project » Xstream » Version: 1.4.6

cpe:2.3:a:xstream_project:xstream:1.4.6
Xstream Project » Xstream » Version: 1.4.7

cpe:2.3:a:xstream_project:xstream:1.4.7
Xstream Project » Xstream » Version: 1.4.8

cpe:2.3:a:xstream_project:xstream:1.4.8
Xstream Project » Xstream » Version: 1.4.9

cpe:2.3:a:xstream_project:xstream:1.4.9
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7957

Products

Pricing

Contact Us