rpm package
suse/xstream&distro=SUSE Linux Enterprise Module for Development Tools 15 SP3
pkg:rpm/suse/xstream&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21341 | — | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 22, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting | ||
| CVE-2021-21342 | — | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 22, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new inst | ||
| CVE-2021-21343 | — | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 22, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new inst | ||
| CVE-2021-21344 | — | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 22, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff | ||
| CVE-2021-21345 | — | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 22, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is | ||
| CVE-2021-21346 | — | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 22, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff | ||
| CVE-2021-21347 | — | < 1.4.16-3.8.1 | 1.4.16-3.8.1 | Mar 22, 2021 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff |
- CVE-2021-21341Mar 22, 2021affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting
- CVE-2021-21342Mar 22, 2021affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new inst
- CVE-2021-21343Mar 22, 2021affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new inst
- CVE-2021-21344Mar 22, 2021affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff
- CVE-2021-21345Mar 22, 2021affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is
- CVE-2021-21346Mar 22, 2021affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff
- CVE-2021-21347Mar 22, 2021affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is aff
Page 2 of 2