11 matches found
XStream <1.4.15 - Server-Side Request Forgery
XStream before 1.4.15 is susceptible to server-side request forgery. An attacker can request data from internal resources that are not publicly available by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorize...
OPENSUSE-SU-2024:11799-1 java-15-openjdk-15.0.6.0-1.1 on GA media
These are all security issues fixed in the java-15-openjdk-15.0.6.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12442-1 java-15-openjdk-15.0.9.0-1.1 on GA media
These are all security issues fixed in the java-15-openjdk-15.0.9.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12720-1 java-15-openjdk-15.0.10.0-1.1 on GA media
These are all security issues fixed in the java-15-openjdk-15.0.10.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11584-1 java-15-openjdk-15.0.5.0-1.1 on GA media
These are all security issues fixed in the java-15-openjdk-15.0.5.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12202-1 java-15-openjdk-15.0.8.0-1.1 on GA media
These are all security issues fixed in the java-15-openjdk-15.0.8.0-1.1 package on the GA media of openSUSE Tumbleweed...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889 Text4Shell Testing Script This repository co...
CVE-2020-26259
XStream is a Java library to serialize objects to XML and back again. XStream before version 1.4.15 is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary known files on the host as long as the executin...
CVE-2020-26259
XStream is a Java library to serialize objects to XML and back again. XStream before version 1.4.15 is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary known files on the host as long as the executin...
PT-2020-6136 · Thornton Rose +3 · Xstream +3
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.15. Description: The issue is related to a Server-Side Request Forgery vulnerability in XStream, a Java library used to serialize objects to XML and back again. This vulnerability can be activated when unmarshalli...
OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136)
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...