Vulnerabilities > Xstream Project > Xstream > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-28 | CVE-2022-41966 | Uncontrolled Recursion vulnerability in Xstream Project Xstream XStream serializes Java objects to XML and back again. | 7.5 |
2022-09-16 | CVE-2022-40152 | Out-of-bounds Write vulnerability in multiple products Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. | 7.5 |
2022-02-01 | CVE-2021-43859 | Resource Exhaustion vulnerability in multiple products XStream is an open source java library to serialize objects to XML and back again. | 7.5 |
2021-08-23 | CVE-2021-39150 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39152 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39139 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.8 |
2021-08-23 | CVE-2021-39141 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39144 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39145 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39146 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |