Xstream

Xstream

37 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-21350

Exploit
  • EPSS 7.11%
  • Published 23.03.2021 00:15:13
  • Last modified 23.05.2025 17:43:08

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is a...

8.6

CVE-2021-21349

Exploit
  • EPSS 6.75%
  • Published 23.03.2021 00:15:13
  • Last modified 23.05.2025 17:42:48

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipul...

7.8

CVE-2021-21348

  • EPSS 0.2%
  • Published 23.03.2021 00:15:13
  • Last modified 23.05.2025 17:42:08

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is aff...

9.8

CVE-2021-21347

Exploit
  • EPSS 2.63%
  • Published 23.03.2021 00:15:13
  • Last modified 23.05.2025 17:41:49

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processe...

7.5

CVE-2021-21343

Exploit
  • EPSS 0.62%
  • Published 23.03.2021 00:15:12
  • Last modified 23.05.2025 17:40:13

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStr...

7.5

CVE-2021-21341

Exploit
  • EPSS 23.43%
  • Published 23.03.2021 00:15:12
  • Last modified 23.05.2025 17:38:30

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel executio...

9.1

CVE-2021-21342

Exploit
  • EPSS 1.02%
  • Published 23.03.2021 00:15:12
  • Last modified 23.05.2025 17:39:23

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStr...

9.8

CVE-2021-21344

Exploit
  • EPSS 28.06%
  • Published 23.03.2021 00:15:12
  • Last modified 23.05.2025 17:40:53

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processe...

9.9

CVE-2021-21345

Exploit
  • EPSS 86.96%
  • Published 23.03.2021 00:15:12
  • Last modified 23.05.2025 17:41:10

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the proc...

9.8

CVE-2021-21346

Exploit
  • EPSS 3.97%
  • Published 23.03.2021 00:15:12
  • Last modified 23.05.2025 17:41:29

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processe...