Lucene search

(RHSA-2021:0162) Important: xstream security update

🗓️ 18 Jan 2021 09:59:12Reported by RedHatType

XStream security update to fix remote code execution vulnerability

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 82
Check Point Advisories	XStream Remote Code Execution (CVE-2020-26217)	21 Dec 202000:00	–	checkpoint_advisories
IBM Security Bulletins	Security Bulletin: CVE-2020-26217 XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream.	1 Dec 202019:46	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerability in Xstream Affects IBM Sterling B2B Integrator (CVE-2020-26217)	13 May 202214:58	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in Xstream, which is a required product for IBM Tivoli Network Configuration Manager (CVE-2020-26217)	24 Mar 202107:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in XStream	8 May 202101:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in XStream	27 Feb 202103:41	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in XStream, Apache HTTP, Jackson Databind, OpenSSL, and Node.js affect IBM Spectrum Control	18 Feb 202115:46	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.	26 Feb 202120:22	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in MongoDB, Node.js, Docker, and XStream affect IBM Spectrum Protect Plus	28 Jun 202120:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in XStream affect IBM Spectrum Copy Data Management	11 Dec 202100:37	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
RedHat	7	noarch	xstream	1.3.1-12.el7_9	xstream-1.3.1-12.el7_9.noarch.rpm
RedHat	7	noarch	xstream-javadoc	1.3.1-12.el7_9	xstream-javadoc-1.3.1-12.el7_9.noarch.rpm

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Jan 2021 09:12Current

2.2Low risk

Vulners AI Score2.2

CVSS29.3

CVSS38 - 9

EPSS0.93566

CWE-502