xstream vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the xstream package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Stack-based Buffer Overflow

<0:1.3.1-16.amzn2.0.4
  • M
Out-of-bounds Write

<0:1.3.1-16.amzn2.0.3
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2.0.2
  • H
Buffer Overflow

<0:1.3.1-16.amzn2.0.1
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Server-Side Request Forgery (SSRF)

<0:1.3.1-16.amzn2
  • H
Server-Side Request Forgery (SSRF)

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-16.amzn2
  • H
Arbitrary Code Injection

<0:1.3.1-14.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Deserialization of Untrusted Data

<0:1.3.1-13.amzn2
  • H
Arbitrary Code Injection

<0:1.3.1-13.amzn2
  • H
OS Command Injection

<0:1.3.1-12.amzn2