Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2017-7957

Disclosure Date: April 29, 2017 (last updated October 05, 2023)
XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML("<void/>") call.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0