2 matches found
SUSE CVE-2020-26217
XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist i...
PT-2020-5035 · Atlassian +6 · Bamboo Data Center/Server +7
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.14 Bamboo Data Center and Server version 9.2.1 Description: The issue exists due to the lack of neutralization of special elements used in operating system commands. This may allow a remote attacker to execute...