Known Vulnerabilities for Xstream by Xstream Project
Listed below are 10 of the newest known vulnerabilities associated with "Xstream" by "Xstream Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-41966 json | XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the ... | 7.5 - HIGH | 2022-12-28 | 2023-06-27 |
| CVE-2022-40156 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All referen... | Not Provided | 2022-09-16 | 2023-11-07 |
| CVE-2022-40155 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All referen... | Not Provided | 2022-09-16 | 2023-11-07 |
| CVE-2022-40154 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All referen... | Not Provided | 2022-09-16 | 2023-11-07 |
| CVE-2022-40153 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All referen... | Not Provided | 2022-09-16 | 2023-11-07 |
| CVE-2022-40152 json | Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the... | 7.5 - HIGH | 2022-09-16 | 2023-02-09 |
| CVE-2022-40151 json | Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on us... | 7.5 - HIGH | 2022-09-16 | 2022-09-20 |
| CVE-2021-43859 json | XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remot... | 7.5 - HIGH | 2022-02-01 | 2023-11-07 |
| CVE-2021-39154 json | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a r... | 8.5 - HIGH | 2021-08-23 | 2023-11-07 |
| CVE-2021-39153 json | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a r... | 8.5 - HIGH | 2021-08-23 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Xstream Project | Xstream | 1.4.9 | |||
| Application | Xstream Project | Xstream | 1.4.8 | |||
| Application | Xstream Project | Xstream | 1.4.7 | |||
| Application | Xstream Project | Xstream | 1.4.6 | |||
| Application | Xstream Project | Xstream | 1.4.5 | |||
| Application | Xstream Project | Xstream | 1.4.4 | |||
| Application | Xstream Project | Xstream | 1.4.3 | |||
| Application | Xstream Project | Xstream | 1.4.2 | |||
| Application | Xstream Project | Xstream | 1.4.15 | |||
| Application | Xstream Project | Xstream | 1.4.14 | |||
| Application | Xstream Project | Xstream | 1.4.13 | |||
| Application | Xstream Project | Xstream | 1.4.12 | |||
| Application | Xstream Project | Xstream | 1.4.11.1 | |||
| Application | Xstream Project | Xstream | 1.4.11 | |||
| Application | Xstream Project | Xstream | 1.4.10 | |||
| Application | Xstream Project | Xstream | 1.4.1 | |||
| Application | Xstream Project | Xstream | 1.4 | |||
| Application | Xstream Project | Xstream | 1.3.1 | |||
| Application | Xstream Project | Xstream | 1.3 | |||
| Application | Xstream Project | Xstream | 1.2.2 |