rpm package

suse/xstream&distro=SUSE Linux Enterprise Module for Development Tools 15 SP2

pkg:rpm/suse/xstream&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Vulnerabilities (29)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2021-39150	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime
CVE-2021-39152	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime
CVE-2021-39140	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of servic
CVE-2021-39149	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39148	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39147	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39146	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39145	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39141	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39153	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box w
CVE-2021-39151	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39139	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the
CVE-2021-39154	—		< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39144	—	KEV	< 1.4.18-3.14.1	1.4.18-3.14.1	Aug 23, 2021	XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-29505	—		< 1.4.17-3.11.2	1.4.17-3.11.2	May 28, 2021	XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the
CVE-2021-21348	—		< 1.4.16-3.8.1	1.4.16-3.8.1	Mar 22, 2021	XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recomm
CVE-2021-21349	—		< 1.4.16-3.8.1	1.4.16-3.8.1	Mar 22, 2021	XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stre
CVE-2021-21350	—		< 1.4.16-3.8.1	1.4.16-3.8.1	Mar 22, 2021	XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed the reco
CVE-2021-21351	—		< 1.4.16-3.8.1	1.4.16-3.8.1	Mar 22, 2021	XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected,
CVE-2021-21341	—		< 1.4.16-3.8.1	1.4.16-3.8.1	Mar 22, 2021	XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting

CVE-2021-39150Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime
CVE-2021-39152Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime
CVE-2021-39140Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of servic
CVE-2021-39149Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39148Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39147Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39146Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39145Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39141Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39153Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box w
CVE-2021-39151Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39139Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the
CVE-2021-39154Aug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-39144KEVAug 23, 2021
affected < 1.4.18-3.14.1fixed 1.4.18-3.14.1
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the
CVE-2021-29505May 28, 2021
affected < 1.4.17-3.11.2fixed 1.4.17-3.11.2
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the
CVE-2021-21348Mar 22, 2021
affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recomm
CVE-2021-21349Mar 22, 2021
affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stre
CVE-2021-21350Mar 22, 2021
affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed the reco
CVE-2021-21351Mar 22, 2021
affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected,
CVE-2021-21341Mar 22, 2021
affected < 1.4.16-3.8.1fixed 1.4.16-3.8.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting

Page 1 of 2