XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. XStream 1.4.21 has been patched to detect the manipulation in the binary input stream causing the the stack overflow and raises an InputManipulationException instead. Users are advised to upgrade. Users unable to upgrade may catch the StackOverflowError in the client code calling XStream if XStream is configured to use the BinaryStreamDriver.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2223 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated     jobs, such as building a software project or jobs run by cron.

    Security Fix(es):

    * org.jenkinsci.plugins/pipeline-model-definition: Jenkins Pipeline     Declarative Plugin Allows Restart of Builds with Unapproved     Jenkinsfile(CVE-2024-52551)
    * org.jenkins-ci.plugins/script-security: Jenkins Script Security Plugin     File Disclosure Vulnerability(CVE-2024-52549)
    * org.jenkins-ci.plugins.workflow/workflow-cps: Lack of Approval Check for     Rebuilt Jenkins Pipelines(CVE-2024-52550)
    * jenkins: XStream is vulnerable to a Denial of Service attack due to stack     overflow from a manipulated binary input stream(CVE-2024-47072)
    * jenkins: Mishandling of an unbalanced comment string in     json-lib(CVE-2024-47855)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,     and other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2222 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated     jobs, such as building a software project or jobs run by cron.

    Security Fix(es):

    * org.jenkinsci.plugins/pipeline-model-definition: Jenkins Pipeline     Declarative Plugin Allows Restart of Builds with Unapproved     Jenkinsfile(CVE-2024-52551)
    * org.jenkins-ci.plugins/script-security: Jenkins Script Security Plugin     File Disclosure Vulnerability(CVE-2024-52549)
    * org.jenkins-ci.plugins.workflow/workflow-cps: Lack of Approval Check for     Rebuilt Jenkins Pipelines(CVE-2024-52550)
    * jenkins: XStream is vulnerable to a Denial of Service attack due to stack     overflow from a manipulated binary input stream(CVE-2024-47072)
    * jenkins: Mishandling of an unbalanced comment string in     json-lib(CVE-2024-47855)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,     and other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2221 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated     jobs, such as building a software project or jobs run by cron.

    Security Fix(es):

    * org.jenkinsci.plugins/pipeline-model-definition: Jenkins Pipeline     Declarative Plugin Allows Restart of Builds with Unapproved     Jenkinsfile(CVE-2024-52551)
    * org.jenkins-ci.plugins/script-security: Jenkins Script Security Plugin     File Disclosure Vulnerability(CVE-2024-52549)
    * org.jenkins-ci.plugins.workflow/workflow-cps: Lack of Approval Check for     Rebuilt Jenkins Pipelines(CVE-2024-52550)
    * jenkins: XStream is vulnerable to a Denial of Service attack due to stack     overflow from a manipulated binary input stream(CVE-2024-47072)
    * jenkins: Mishandling of an unbalanced comment string in     json-lib(CVE-2024-47855)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,     and other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2219 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated     jobs, such as building a software project or jobs run by cron.

    Security Fix(es):

    * org.jenkinsci.plugins/pipeline-model-definition: Jenkins Pipeline     Declarative Plugin Allows Restart of Builds with Unapproved     Jenkinsfile(CVE-2024-52551)
    * org.jenkins-ci.plugins/script-security: Jenkins Script Security Plugin     File Disclosure Vulnerability(CVE-2024-52549)
    * org.jenkins-ci.plugins.workflow/workflow-cps: Lack of Approval Check for     Rebuilt Jenkins Pipelines(CVE-2024-52550)
    * jenkins: XStream is vulnerable to a Denial of Service attack due to stack     overflow from a manipulated binary input stream(CVE-2024-47072)
    * jenkins: Mishandling of an unbalanced comment string in     json-lib(CVE-2024-47855)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,     and other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2218 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated     jobs, such as building a software project or jobs run by cron.

    Security Fix(es):

    * org.jenkinsci.plugins/pipeline-model-definition: Jenkins Pipeline Declarative Plugin Allows Restart of     Builds with Unapproved Jenkinsfile(CVE-2024-52551)
    * org.jenkins-ci.plugins/script-security: Jenkins Script Security Plugin File Disclosure     Vulnerability(CVE-2024-52549)
    * org.jenkins-ci.plugins.workflow/workflow-cps: Lack of Approval Check for Rebuilt Jenkins     Pipelines(CVE-2024-52550)
    * jenkins: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated     binary input stream(CVE-2024-47072)
    * jenkins: Mishandling of an unbalanced comment string in json-lib(CVE-2024-47855)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,     and other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2220 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated     jobs, such as building a software project or jobs run by cron.

    Security Fix(es):

    * org.jenkinsci.plugins/pipeline-model-definition: Jenkins Pipeline     Declarative Plugin Allows Restart of Builds with Unapproved     Jenkinsfile(CVE-2024-52551)
    * org.jenkins-ci.plugins/script-security: Jenkins Script Security Plugin     File Disclosure Vulnerability(CVE-2024-52549)
    * org.jenkins-ci.plugins.workflow/workflow-cps: Lack of Approval Check for     Rebuilt Jenkins Pipelines(CVE-2024-52550)
    * jenkins: XStream is vulnerable to a Denial of Service attack due to stack     overflow from a manipulated binary input stream(CVE-2024-47072)
    * jenkins: Mishandling of an unbalanced comment string in     json-lib(CVE-2024-47855)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,     and other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a     remote attacker to terminate the application with a stack overflow error resulting in a denial of service     only by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver.
    XStream 1.4.21 has been patched to detect the manipulation in the binary input stream causing the the     stack overflow and raises an InputManipulationException instead. Users are advised to upgrade. Users     unable to upgrade may catch the StackOverflowError in the client code calling XStream if XStream is     configured to use the BinaryStreamDriver. (CVE-2024-47072)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of xstream installed on the remote host is prior to 1.3.1-16. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2707 advisory.

    XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input     stream. XStream provides a BinaryStreamDriver with an own optimized serialization format. The format uses     ids for string values as deduplication. The mapping for these ids are created on-the-fly at marshalling     time. At unmarshalling time the reader's implementation simply used a simple one-time recursion after     reading a mapping token to process the next normal token of the data stream. However, an endless recursion     could be triggered with manipulated input data resulting in a stack overflow causing a denial of service.
    (CVE-2024-47072)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4001 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-4001-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                   Bastien Roucaris     December 21, 2024                             https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : libxstream-java     Version        : 1.4.15-3+deb11u3     CVE ID         : CVE-2021-43859 CVE-2024-47072     Debian Bug     : 1087274

    XStream is a simple java library to serialize objects to XML     and back again. Two vulnerabilities were fixed:

    CVE-2021-43859:

      XStream can cause a Denial of Service (DoS) by injecting highly       recursive collections or maps

    CVE-2024-47072

      XStream was vulnerable to a Denial of Service attack due       to stack overflow from a manipulated binary input stream

    For Debian 11 bullseye, this problem has been fixed in version     1.4.15-3+deb11u3.

    We recommend that you upgrade your libxstream-java packages.

    For the detailed security status of libxstream-java please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/libxstream-java

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4037-1 advisory.

    - CVE-2024-47072: Fixed possible remote denial-of-service via a stack overflow (bsc#1233085).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
228832	RHEL 8 : Red Hat Product OCP Tools 4.12 Openshift Jenkins (RHSA-2025:2223)	Nessus	Red Hat Local Security Checks	high
228830	RHEL 8 : Red Hat Product OCP Tools 4.13 Openshift Jenkins (RHSA-2025:2222)	Nessus	Red Hat Local Security Checks	high
228829	RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2025:2221)	Nessus	Red Hat Local Security Checks	high
228828	RHEL 9 : Red Hat Product OCP Tools 4.16 Openshift Jenkins (RHSA-2025:2219)	Nessus	Red Hat Local Security Checks	high
228827	RHEL 9 : Red Hat Product OCP Tools 4.17 Openshift Jenkins (RHSA-2025:2218)	Nessus	Red Hat Local Security Checks	high
228826	RHEL 8 : Red Hat Product OCP Tools 4.15 Openshift Jenkins (RHSA-2025:2220)	Nessus	Red Hat Local Security Checks	high
228811	Linux Distros Unpatched Vulnerability : CVE-2024-47072	Nessus	Misc.	high
213372	Amazon Linux 2 : xstream (ALAS-2024-2707)	Nessus	Amazon Linux Local Security Checks	high
213317	Debian dla-4001 : libxstream-java - security update	Nessus	Debian Local Security Checks	high
212539	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bea-stax, xstream (SUSE-SU-2024:4037-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2024-47072

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high