Published: 16/09/2022 Updated: 20/09/2022

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

DescriptionA flaw was found in the XStream package. This flaw allows an malicious user to cause a denial of service (DoS) in its target via XML serialization.A flaw was found in the XStream package. This flaw allows an malicious user to cause a denial of service (DoS) in its target via XML serialization.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xstream project xstream

Synopsis Moderate: Red Hat Integration Camel Extensions For Quarkus 2132 Type/Severity Security Advisory: Moderate Topic Red Hat Integration Camel Extensions for Quarkus 2132 is now available The purpose of this text-only errata is to inform you about the security issues fixedRed Hat Product Security has rated this update as having an i ...

Synopsis Important: jenkins and jenkins-2-plugins security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...

Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS) If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow This effect may support a denial of service attack (CVE-2022-40151) ...

DescriptionA flaw was found in the XStream package This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serializationA flaw was found in the XStream package This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization ...

Multiple vulnerabilities have been found in Hitachi Ops Center Common Services CVE-2020-8908, CVE-2020-14326, CVE-2020-25633, CVE-2020-36518, CVE-2021-20289, CVE-2021-21290, CVE-2021-46877, CVE-2022-3782, CVE-2022-4147, CVE-2022-40151, CVE-2022-40152, CVE-2022-41915, CVE-2022-41946, CVE-2022-41966, CVE-2023-0091, CVE-2023-1370, CVE-2023-28708 ...

CWE-787 https://github.com/x-stream/xstream/issues/304 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47367 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2023:0469 https://alas.aws.amazon.com/AL2/ALAS-2024-2464.html https://access.redhat.com/security/cve/cve-2022-40151

CVE-2022-40151

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect