GHSA-J563-GRX4-PJPV XStream can cause Denial of Service via stack overflow

Impact The vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream. Patches XStream 1.4.20 handles the stack overflow and raises an InputManipulationException instead...

GHSA-RMR5-CPV2-VGJF Denial of Service by injecting highly recursive collections or maps in XStream

Impact The vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. Patches XStream 1.4.19 monitors and accumulates the...

SUSE-SU-2020:0528-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Java 8.0 was updated to Service Refresh 6 Fix Pack 5 bsc1162972, bsc1160968 - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2019-4732: Untrusted DLL search path vulnerability - CVE-2020-2593: Normalize normalization for all -...