Read Time:23 Second

XStream serializes Java objects to XML and back again. Versions prior to
1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with
a stack overflow error, resulting in a denial of service only via manipulation
of the processed input stream. The attack uses the hash code implementation for
collections and maps to force recursive hash calculation causing a stack
overflow. This update handles the stack overflow and raises an
InputManipulationException instead.

Read More

More Stories

CVE-2016-15023

A vulnerability, which was classified as problematic, was found in SiteFusion Application Server up to 6.6.6. This affects an unknown...

CVE-2020-20402

Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation. Read More

pesign-116-1.fc37

FEDORA-2023-e77628f240 Packages in this update: pesign-116-1.fc37 Update description: New upstream release (116) Fix CVE-2022-3560 This is a privilege escalation in...

pesign-115-4.fc36

FEDORA-2023-5399953e3b Packages in this update: pesign-115-4.fc36 Update description: Fix CVE-2022-3560 This is a privilege escalation in the pesign-authorize script, which...

Generated by Feedzy