5.15.1

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-28	CVE-2022-41678	Unspecified vulnerability in Apache Activemq Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandler#handlePostRequest is able to create JmxRequest through JSONObject. network low complexity apache	8.8
2023-10-27	CVE-2023-46604	The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. network low complexity apache debian netapp critical	9.8
2021-03-23	CVE-2021-21351	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.1
2021-03-23	CVE-2021-21350	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8
2021-03-23	CVE-2021-21349	Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-502	8.6
2021-03-23	CVE-2021-21348	Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-400	7.5
2021-03-23	CVE-2021-21347	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8
2021-03-23	CVE-2021-21346	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8
2021-03-23	CVE-2021-21345	OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-78 critical	9.9
2021-03-23	CVE-2021-21344	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8