Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks . If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack