Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 5.4% on repo1.maven.org
Top 0.1% dependent packages on repo1.maven.org
Top 0.1% dependent repos on repo1.maven.org
Top 0.1% docker downloads on repo1.maven.org

repo1.maven.org : com.thoughtworks.xstream:xstream

XStream is a serialization library from Java objects to XML and back.

Registry - Source - Homepage - Documentation - JSON
purl: pkg:maven/com.thoughtworks.xstream/xstream
Keywords: java, xml, xstream
License: BSD-3-Clause
Latest release: over 1 year ago
First release: over 17 years ago
Namespace: com.thoughtworks.xstream
Dependent packages: 1,882
Dependent repositories: 25,482
Stars: 721 on GitHub
Forks: 224 on GitHub
Docker dependents: 8,503
Docker downloads: 5,023,921,787
See more repository details: repos.ecosyste.ms
Last synced: 4 days ago

Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhyY3AtOGYzcS00dzJj
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU2cDgtM2ZoOS00Y3Zx
XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5anctanFmNC0zd3Ez
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
Low
GSA_kwCzR0hTQS0zbXE1LWZxOWgtZ2o3as4AAu55
Duplicate Advisory: Denial of Service due to parser crash
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 1 year ago
Withdrawn: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJnaDMtOTg3aC13cG13
XML External Entity Injection in XStream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: almost 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdod2MtNDZybS02NWpo
Denial of service in XStream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: almost 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1NTQteDIyMi13Z2Y3
Command Injection in Xstream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwZnEtcGg3ci1xdjZm
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqcmotNTI1cC04MjZ2
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA4cHEtcjg5NC1mbThm
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1dzYtbXJqNy03NWgy
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY0eHgtY3E0cS1tZjQ0
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3NHAtY3Jwai12angy
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjY3EtNXZ3My0ycDZ4
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyeDgtODU0NS00d2cy
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13MzYtN2M2Yy1xNHEy
XStream can be used for Remote Code Execution
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3djQtN3hnMy1oeGNj
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmMjMtOXBmNy0zODhw
Deserialization of Untrusted Data and Code Injection in xstream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzZ2MtbWp4Zy1ndnJx
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY2aG0tODh4My1tZmp2
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwM3gtcXc5Yy0yNWho
XStream can cause a Denial of Service.
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmdngtN3dyeC00M2Zo
XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshalling
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3cGMtOHhxdi1qdmo0
XStream is vulnerable to a Remote Command Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwaDItbTNnNS14eHY0
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3Zjktam1nOS12eGNj
XStream can cause a Denial of Service
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
GSA_kwCzR0hTQS1ybXI1LWNwdjItdmdqZs0n7Q
Denial of Service by injecting highly recursive collections or maps in XStream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo5aDgtcGhydy1oNGZo
XStream is vulnerable to a Remote Command Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
GSA_kwCzR0hTQS1qNTYzLWdyeDQtcGpwds4AAwpk
XStream can cause Denial of Service via stack overflow
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3NjItaHg3ci1tdzY4
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjY2gtd3hwdy04cDI4
Server-Side Forgery Request can be activated unmarshalling with XStream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4Zm0tNW00Zy14N3hw
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxOHgtMnA3Zi01NzR2
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjaHYtcnJ3Ni13NmZj
XStream is vulnerable to a Remote Command Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRocm0tbTY3di01Y3hy
XStream is vulnerable to an Arbitrary Code Execution attack
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0Y3YtZjU4eC1mOXdm
XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2djgtMzM2Zy1yeDNt
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: about 3 years ago
High
GSA_kwCzR0hTQS1mOGNjLWc3ajgteHhwbc4AAwqj
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: github
Published: over 1 year ago