com.thoughtworks.xstream:xstream vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2021-21345Mediumcom.thoughtworks.xstream:xstream: XStream is vulnerable to a Remote Command Execution attackCVE-2021-21344Mediumcom.thoughtworks.xstream:xstream: XStream is vulnerable to an Arbitrary Code Execution attackCVE-2021-21343Mediumcom.thoughtworks.xstream:xstream: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient…CVE-2021-21342Mediumcom.thoughtworks.xstream:xstream: A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a…CVE-2021-21341Highcom.thoughtworks.xstream:xstream: XStream can cause a Denial of Service.CVE-2020-26258Mediumcom.thoughtworks.xstream:xstream: Server-Side Forgery Request can be activated unmarshalling with XStreamCVE-2020-26259Mediumcom.thoughtworks.xstream:xstream: XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshallingCVE-2020-26217Highcom.thoughtworks.xstream:xstream: XStream can be used for Remote Code ExecutionCVE-2017-7957Highcom.thoughtworks.xstream:xstream: Denial of service in XStreamCVE-2016-3674Highcom.thoughtworks.xstream:xstream: XML External Entity Injection in XStreamCVE-2019-10173Criticalcom.thoughtworks.xstream:xstream: Deserialization of Untrusted Data and Code Injection in xstreamCVE-2013-7285Criticalcom.thoughtworks.xstream:xstream: Command Injection in Xstream

Stop the waste.
Protect your environment with Kodem.