Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2022/02/14 1:6 p.m.6 views

xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest thre...

8.5CVSS7.4AI score0.03437EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2021/12/02 4:17 p.m.4 views

xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest thre...

8.5CVSS7.4AI score0.03437EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2021/10/25 6:54 a.m.5 views

xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest thre...

8.5CVSS7.4AI score0.03437EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.5 views

OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU...

5CVSS7.4AI score0.05205EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.6 views

OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU...

5CVSS7.4AI score0.05205EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/03/11 6:47 p.m.3 views

OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU...

5CVSS7.4AI score0.05205EPSS
Exploits0References5
Rows per page
Query Builder