Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2021:1354: Red Hat Security Advisory: xstream security update

An update for xstream is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Security Fix(es):

  • XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet (CVE-2021-21344)
  • XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345)
  • XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue (CVE-2021-21346)
  • XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator (CVE-2021-21347)
  • XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
  • CVE-2021-21344: XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet
  • CVE-2021-21345: XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry
  • CVE-2021-21346: XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue
  • CVE-2021-21347: XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator
  • CVE-2021-21350: XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader
Red Hat Security Data
#sql#vulnerability#linux#red_hat#apache#java

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update