Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

xstream — Vulnerabilities & Security Advisories 34

All 34 CVE vulnerabilities found in xstream, with AI-generated Chinese analysis, references, and POCs.

Vendor: xstream

CVE IDTitleCVSSSeverityPublished
CVE-2024-47072 XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream CWE-121 7.5 High2024-11-07
CVE-2022-41966 XStream Denial of Service via stack overflow CWE-120 8.2 High2022-12-27
CVE-2022-40151 Stack Buffer Overflow in xstream CWE-121 6.5 Medium2022-09-16
CVE-2021-43859 Denial of Service by injecting highly recursive collections or maps in XStream CWE-400 7.5 High2022-02-01
CVE-2021-39150 A Server-Side Forgery Request vulnerability in XStream via PriorityQueue unmarshaling CWE-502 8.5 High2021-08-23
CVE-2021-39152 A Server-Side Forgery Request vulnerability in XStream via HashMap unmarshaling CWE-502 8.5 High2021-08-23
CVE-2021-39140 XStream can cause a Denial of Service CWE-502 6.5 Medium2021-08-23
CVE-2021-39149 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39148 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39147 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39146 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39145 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39141 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39153 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39151 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39139 XStream is vulnerable to an Arbitrary Code Execution attack CWE-502 8.5 High2021-08-23
CVE-2021-39154 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 8.5 High2021-08-23
CVE-2021-39144 XStream is vulnerable to a Remote Command Execution attack CWE-94 8.5 High2021-08-23
CVE-2021-29505 XStream is vulnerable to a Remote Command Execution attack CWE-94 7.5 High2021-05-28
CVE-2021-21348 XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos) CWE-400 5.3 Medium2021-03-22
CVE-2021-21349 A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host CWE-502 6.1 Medium2021-03-22
CVE-2021-21350 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 5.3 Medium2021-03-22
CVE-2021-21351 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 5.4 Medium2021-03-22
CVE-2021-21341 XStream can cause a Denial of Service CWE-400 7.5 High2021-03-22
CVE-2021-21342 A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host CWE-502 5.3 Medium2021-03-22
CVE-2021-21343 XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights CWE-73 5.3 Medium2021-03-22
CVE-2021-21344 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 5.3 Medium2021-03-22
CVE-2021-21345 XStream is vulnerable to a Remote Command Execution attack CWE-94 5.8 Medium2021-03-22
CVE-2021-21346 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 6.1 Medium2021-03-22
CVE-2021-21347 XStream is vulnerable to an Arbitrary Code Execution attack CWE-434 6.1 Medium2021-03-22

All 34 known CVE vulnerabilities affecting xstream with full Chinese analysis, references, and POCs where available.