Lucene search
+L

3 matches found

RedHat Linux
RedHat Linux
added 2022/01/26 4:33 p.m.4 views

xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest thre...

8.5CVSS7.4AI score0.11377EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2021/12/02 4:17 p.m.5 views

xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest thre...

8.5CVSS7.4AI score0.11377EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2021/11/23 10:34 a.m.9 views

xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest thre...

8.5CVSS7.4AI score0.11377EPSS
Exploits2References5
Rows per page
Query Builder