MGASA-2017-0119 Updated xstream packages fix security vulnerability

A vulnerability was found in XStream. Parsing a maliciously crafted file could cause the application to crash. The processed stream at unmarshalling type contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. Th...

Updated xstream packages fix CVE-2016-3674

Updated xstream packages fix security vulnerability: XStream x-stream.github.io is a Java library to marshal Java objects into XML and back. For this purpose it supports a lot of different XML parsers. Some of those can also process external entities which was enabled by default. An attacker coul...

MGASA-2014-0100 Updated xstream packages fix CVE-2013-7285

Updated xstream packages fix security vulnerability: It was found that XStream would deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code executio...

Updated xstream packages fix CVE-2013-7285

Updated xstream packages fix security vulnerability: It was found that XStream would deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code executio...