9 matches found
Astra Linux - vulnerability in libxstream-java
XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. However, users who followed the...
BIT-ACTIVEMQ-2021-21351 XStream is vulnerable to an Arbitrary Code Execution attack
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the...
PT-2023-21710 · Unknown · Modern Footnotes
Name of the Vulnerable Software and Affected Versions: Modern Footnotes plugin versions prior to 1.4.16 Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin or higher privileges. Recommendations: For versions prior to 1.4.16,...
XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is...
XStream: ReDoS vulnerability
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to set up...
UBUNTU-CVE-2021-21351
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the...
PT-2021-5145 · Xstream +5 · Xstream +5
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.16 Description: The issue is related to the XStream Java library, which is used for serializing objects to XML and back again. It may allow a remote attacker to load and execute arbitrary code from a remote host ...
PT-2021-4767 · Xstream +4 · Xstream +4
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.16 Description: The issue is related to the XStream Java library, which is used to serialize objects to XML and back again. A vulnerability may allow a remote attacker to request data from internal resources that...
PT-2021-4780 · Xstream +7 · Xstream +7
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.16 Description: The issue is related to the XStream Java library, which is used for serializing objects to XML and back again. It may allow a remote attacker to load and execute arbitrary code from a remote host ...