rpm package
suse/xstream&distro=SUSE Linux Enterprise Module for Development Tools 15 SP2
pkg:rpm/suse/xstream&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-39152 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime | |
| CVE-2021-39150 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime | |
| CVE-2021-39140 | Med | 6.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of servic | |
| CVE-2021-39154 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39153 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box w | |
| CVE-2021-39151 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39149 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39148 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39147 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39146 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39145 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39144 | Hig | 8.5 | KEV | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the |
| CVE-2021-39141 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the | |
| CVE-2021-39139 | Hig | 8.5 | < 1.4.18-3.14.1 | 1.4.18-3.14.1 | Aug 23, 2021 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the | |
| CVE-2021-29505 | Hig | 7.5 | < 1.4.17-3.11.2 | 1.4.17-3.11.2 | May 28, 2021 | XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the | |
| CVE-2021-21351 | Med | 5.4 | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 23, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, | |
| CVE-2021-21350 | Med | 5.3 | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 23, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed the reco | |
| CVE-2021-21349 | Med | 6.1 | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 23, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stre | |
| CVE-2021-21348 | Med | 5.3 | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 23, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recomm | |
| CVE-2021-21347 | Med | 6.1 | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 23, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff |
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of servic
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box w
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
- affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the
- affected < 1.4.17-3.11.2fixed 1.4.17-3.11.2
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the
- affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected,
- affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed the reco
- affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stre
- affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recomm
- affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff
Page 1 of 2