Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.5 views

XStream: SSRF via crafted input stream

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

9.1CVSS7.4AI score0.4999EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.4 views

XStream: arbitrary file deletion on the local host via crafted input stream

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

7.5CVSS7.4AI score0.46666EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/06/17 1:15 p.m.3 views

XStream: SSRF via crafted input stream

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

9.1CVSS7.4AI score0.4999EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/05/26 9:49 p.m.5 views

XStream: SSRF via crafted input stream

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

9.1CVSS7.4AI score0.4999EPSS
Exploits1References4
Rows per page
Query Builder