Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
xstream project xstream vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-43859
XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service...
Xstream Project Xstream
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
8.5
CVSSv3
CVE-2021-39152
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime...
Xstream Project Xstream
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
1 Github repository available
6.3
CVSSv3
CVE-2021-39140
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
1 Github repository available
8.5
CVSSv3
CVE-2021-39150
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime...
Xstream Project Xstream
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
2 Github repositories available
8.5
CVSSv3
CVE-2021-39146
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project Xstream
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
1 Github repository available
8.5
CVSSv3
CVE-2021-39149
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project Xstream
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
1 Github repository available
8.8
CVSSv3
CVE-2021-39139
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
8.5
CVSSv3
CVE-2021-39148
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project Xstream
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
1 Github repository available
8.5
CVSSv3
CVE-2021-39154
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project Xstream
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
1 Github repository available
8.5
CVSSv3
CVE-2021-39145
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Snapmanager -
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Unified Inventory Management 7.4.2
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.3.0.1.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Utilities Framework 4.4.0.3.0
Oracle Utilities Testing Accelerator 6.0.0.1.1
1 Github repository available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-30600
CVE-2022-30138
HTML injection
CVE-2022-28924
malicious code
open redirect
CVE-2022-1388
CVE-2022-29383
CVE-2020-16235
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »
Vulmon