Lucene search
+L

6 matches found

Circl
Circl
added 2024/01/28 6:16 a.m.5 views

GHSA-RMR5-CPV2-VGJF

creationtimestamp| type| source ---|---|--- 2024-01-28 06:16:41+00:00| seen| https://t.me/arpsyndicate/3229...

4.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/03/15 12:0 a.m.34 views

SUSE SLED15 / SLES15 Security Update : xstream (SUSE-SU-2022:0817-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:0817-1 advisory. - CVE-2021-43859: Fixed a denial of service when unmarshalling highly recursive collections or maps bsc1195458. Tenable...

7.5CVSS7.2AI score0.07659EPSS
Exploits1References4
OSV
OSV
added 2022/02/01 12:15 p.m.24 views

CVE-2021-43859

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulatin...

7.5CVSS6.9AI score0.07659EPSS
Exploits1References10
Prion
Prion
added 2022/02/01 12:15 p.m.20 views

Design/Logic Flaw

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulatin...

5CVSS7.3AI score0.07659EPSS
Exploits1References9Affected Software10
UbuntuCve
UbuntuCve
added 2022/02/01 12:15 p.m.34 views

CVE-2021-43859

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulatin...

7.5CVSS7.1AI score0.07659EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/02/01 12:8 p.m.35 views

CVE-2021-43859 Denial of Service by injecting highly recursive collections or maps in XStream

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulatin...

7.5CVSS7.7AI score0.07659EPSS
Exploits1References9
Rows per page
Query Builder