VIR Vulnerability Intelligence Relay

Package impact

java Maven / com.thoughtworks.xstream:xstream

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2021-39144 unknown 1.5 5y ago XStream is vulnerable to a Remote Command Execution attack susedebianjava
CVE-2024-47072 unknown 2y ago XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream susedebianjava
CVE-2022-40151 unknown 4y ago XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow susedebianjava
CVE-2022-41966 unknown 4y ago XStream can cause Denial of Service via stack overflow susedebianjava
CVE-2021-43859 unknown 4y ago Denial of Service by injecting highly recursive collections or maps in XStream susedebianjava
CVE-2021-39139 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39140 unknown 5y ago XStream can cause a Denial of Service susedebianjava
CVE-2021-39141 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39145 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39146 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39147 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39148 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39149 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39150 unknown 5y ago A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host susedebianjava
CVE-2021-39151 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39152 unknown 5y ago A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host susedebianjava
CVE-2021-39153 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-39154 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-29505 unknown 5y ago XStream is vulnerable to a Remote Command Execution attack susedebianjava
CVE-2021-21351 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-21350 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-21349 unknown 5y ago A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host susedebianjava
CVE-2021-21348 unknown 5y ago XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos) susedebianjava
CVE-2021-21347 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-21346 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-21345 unknown 5y ago XStream is vulnerable to a Remote Command Execution attack susedebianjava
CVE-2021-21344 unknown 5y ago XStream is vulnerable to an Arbitrary Code Execution attack susedebianjava
CVE-2021-21343 unknown 5y ago XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights susedebianjava
CVE-2021-21342 unknown 5y ago A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host susedebianjava
CVE-2021-21341 unknown 5y ago XStream can cause a Denial of Service. susedebianjava
CVE-2020-26258 unknown 6y ago Server-Side Forgery Request can be activated unmarshalling with XStream susedebianjava
CVE-2020-26259 unknown 6y ago XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshalling susedebianjava
CVE-2020-26217 unknown 6y ago XStream can be used for Remote Code Execution susedebianjava
CVE-2017-7957 unknown 6y ago Denial of service in XStream susedebianjava
CVE-2016-3674 unknown 6y ago XML External Entity Injection in XStream debianjava
CVE-2019-10173 unknown 7y ago Deserialization of Untrusted Data and Code Injection in xstream susedebianjava
CVE-2013-7285 unknown 7y ago Command Injection in Xstream susedebianjava