Download
| Alert*
oval:org.secpod.oval:def:110456
XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for lar ... oval:org.secpod.oval:def:110452 XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for lar ... oval:org.secpod.oval:def:1900481 Multiple XML external entity vulnerabilities in the Dom4JDriver, DomDriver, JDomDriver, JDom2Driver, SjsxpDriver, StandardStaxDriver, and WstxDriver drivers in XStream before 1.4.9allow remote attackers to read arbitrary files via a crafted XML document. oval:org.secpod.oval:def:602499 It was discovered that XStream, a Java library to serialize objects to XML and back again, was susceptible to XML External Entity attacks. |