Debian DLA-2924-1 : libxstream-java - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2924 advisory. It was discovered that there was a potential remote denial of service DoS attack in XStream, a Java library used to serialize objects to XML and back again. An attacker cou...

[SECURITY] [DLA 2924-1] libxstream-java security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2924-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 15, 2022 https://wiki.debian.org/LTS -...

Debian: Security Advisory (DSA-5004-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-5004-1 : libxstream-java - security update

The remote Debian 10 / 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5004 advisory. Multiple security vulnerabilities have been discovered in XStream, a Java library to serialize objects to XML and back again. These vulnerabilities may allow...

[SECURITY] [DSA 5004-1] libxstream-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5004-1 [email protected] https://www.debian.org/security/ Markus Koschany November 10, 2021 https://www.debian.org/security/faq -...

DSA-5004-1 libxstream-java - security update

Bulletin has no description...

Debian: Security Advisory (DLA-2769-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2769-1] libxstream-java security update

Debian LTS Advisory DLA-2769-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 29, 2021 https://wiki.debian.org/LTS Package : libxstream-java Version : 1.4.11.1-1+deb9u4 CVE ID : CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144 CVE-2021-39145...

DLA-2769-1 libxstream-java - security update

Bulletin has no description...

Debian: Security Advisory (DLA-2704-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2704-1 : libxstream-java - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2704 advisory. A vulnerability in XStream, a Java library to serialize objects to and from XML, may allow a remote attacker to execute commands of the host only by manipulating the...

DLA-2704-1 libxstream-java - security update

Bulletin has no description...

Ubuntu: Security Advisory (USN-4943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2616-1 : libxstream-java security update

In XStream there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The type hierarchies for java.io.InputStream, java.nio.channels.Channel, javax.activation.DataSource and...

Debian: Security Advisory (DLA-2616-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-2616-1 libxstream-java - security update

Bulletin has no description...

Ubuntu: Security Advisory (USN-4714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4714-1: XStream vulnerabilities

Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. CVE-2020-26217 It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could...

Debian DSA-4828-1 : libxstream-java - security update

Liaogui Zhong discovered two security issues in XStream, a Java library to serialise objects to XML and back again, which could result in the deletion of files or server-side request forgery when unmarshalling. C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

Debian: Security Advisory (DSA-4828-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...