Lucene search

XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)

🗓️ 22 Mar 2021 23:09:29Reported by GitHub Advisory DatabaseType

XStream vulnerability to Regular Expression DoS attac

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 72
Cvelist	CVE-2021-21348 XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)	22 Mar 202123:45	–	cvelist
OSV	UBUNTU-CVE-2021-21348	23 Mar 202100:15	–	osv
OSV	GHSA-56P8-3FH9-4CVQ XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)	22 Mar 202123:29	–	osv
OSV	CVE-2021-21348	23 Mar 202100:15	–	osv
OSV	OPENSUSE-SU-2021:0832-1 Security update for xstream	3 Jun 202117:33	–	osv
OSV	DLA-2616-1 libxstream-java - security update	3 Apr 202100:00	–	osv
OSV	SUSE-SU-2021:1840-1 Security update for xstream	2 Jun 202114:29	–	osv
OSV	SUSE-SU-2021:1840-2 Security update for xstream	11 Jul 202108:25	–	osv
OSV	OPENSUSE-SU-2021:1840-1 Security update for xstream	11 Jul 202108:25	–	osv
OSV	MGASA-2021-0370 Updated xstream packages fix security vulnerabilities	25 Jul 202114:45	–	osv

Vulners

Node

com.thoughtworks.xstream xstreamRange<1.4.16

Source	Link
github	www.github.com/x-stream/xstream/security/advisories/GHSA-56p8-3fh9-4cvq
x-stream	www.x-stream.github.io/security.html
x-stream	www.x-stream.github.io/changes.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-21348
x-stream	www.x-stream.github.io/CVE-2021-21348.html
lists	www.lists.debian.org/debian-lts-announce/2021/04/msg00002.html
lists	www.lists.apache.org/thread.html/r9ac71b047767205aa22e3a08cb33f3e0586de6b2fac48b425c6e16b0@%3Cdev.jmeter.apache.org%3E
lists	www.lists.apache.org/thread.html/r8244fd0831db894d5e89911ded9c72196d395a90ae655414d23ed0dd@%3Cusers.activemq.apache.org%3E
security	www.security.netapp.com/advisory/ntap-20210430-0002/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Mar 2021 23:29Current

1.5Low risk

Vulners AI Score1.5

CVSS27.8

CVSS35.3 - 7.5

EPSS0.00232