SUSE-SU-2023:1673-1 Security update for xstream

This update for xstream fixes the following issues: - CVE-2022-40151: Fixed stackoverflow in XML serialization bsc1203520. - CVE-2022-41966: Fixed denial of service via uncontrolled recursion during deserialization bsc1206729. - Upgrade to 1.4.20...

SUSE-SU-2022:0817-1 Security update for xstream

This update for xstream fixes the following issues: - CVE-2021-43859: Fixed a denial of service when unmarshalling highly recursive collections or maps bsc1195458...

OPENSUSE-SU-2021:1401-1 Security update for xstream

This update for xstream fixes the following issues: - Upgrade to 1.4.18 - CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. bsc1189798 - CVE-2021-39140: Fixed an issue that allowed an...

Security update for xstream (important)

openSUSE Security Update: Security update for xstream Announcement ID: openSUSE-SU-2021:1401-1 Rating: important References: 1189798 Cross-References: CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144 CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149...

SUSE-SU-2021:3476-1 Security update for xstream

This update for xstream fixes the following issues: - Upgrade to 1.4.18 - CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. bsc1189798 - CVE-2021-39140: Fixed an issue that allowed an...

OPENSUSE-SU-2021:1995-1 Security update for xstream

This update for xstream fixes the following issues: Upgrade to 1.4.17 - CVE-2021-29505: Fixed potential code execution when unmarshalling with XStream instances using an uninitialized security framework bsc1186651...

OPENSUSE-SU-2021:1840-1 Security update for xstream

This update for xstream fixes the following issues: - Upgrade to 1.4.16 - CVE-2021-21351: remote attacker to load and execute arbitrary code bsc1184796 - CVE-2021-21349: SSRF can lead to a remote attacker to request data from internal resources bsc1184797 - CVE-2021-21350: arbitrary code executio...

SUSE-SU-2021:1995-1 Security update for xstream

This update for xstream fixes the following issues: Upgrade to 1.4.17 - CVE-2021-29505: Fixed potential code execution when unmarshalling with XStream instances using an uninitialized security framework bsc1186651...

OPENSUSE-SU-2021:0832-1 Security update for xstream

This update for xstream fixes the following issues: - Upgrade to 1.4.16 - CVE-2021-21351: remote attacker to load and execute arbitrary code bsc1184796 - CVE-2021-21349: SSRF can lead to a remote attacker to request data from internal resources bsc1184797 - CVE-2021-21350: arbitrary code executio...

SUSE-SU-2021:1840-1 Security update for xstream

This update for xstream fixes the following issues: - Upgrade to 1.4.16 - CVE-2021-21351: remote attacker to load and execute arbitrary code bsc1184796 - CVE-2021-21349: SSRF can lead to a remote attacker to request data from internal resources bsc1184797 - CVE-2021-21350: arbitrary code executio...

Important: Red Hat Security Advisory: xstream security update

An update for xstream is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

SUSE-SU-2021:0176-1 Security update for xstream

This update for xstream fixes the following issues: xstream was updated to version 1.4.15. - CVE-2020-26217: Fixed a remote code execution due to insecure XML deserialization when relying on blocklists bsc1180994. - CVE-2020-26258: Fixed a server-side request forgery vulnerability bsc1180146. -...