Advisories

What Are You Looking For?

Popular Tags

Synopsis:          Important: xstream security update
Advisory ID:       SLSA-2021:1354-1
Issue Date:        2021-04-26
CVE Numbers:       CVE-2021-21344
                   CVE-2021-21345
                   CVE-2021-21346
                   CVE-2021-21347
                   CVE-2021-21350
--

Security Fix(es):

* XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet
(CVE-2021-21344)

* XStream: Unsafe deserizaliation of
com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345)

* XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue
(CVE-2021-21346)

* XStream: Unsafe deserizaliation of
com.sun.tools.javac.processing.JavacProcessingEnvironment
NameProcessIterator (CVE-2021-21347)

* XStream: Unsafe deserizaliation of
com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE

---

SL7
 noarch
 - xstream-1.3.1-13.el7_9.noarch.rpm
 - xstream-javadoc-1.3.1-13.el7_9.noarch.rpm
--

- Scientific Linux Development Team

SciLinux: SLSA-2021-1354-1 Important: xstream on SL7.x noarch

Summary

Important: xstream security update

Security Fixes

* XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet (CVE-2021-21344)
* XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345)
* XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue (CVE-2021-21346)
* XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator (CVE-2021-21347)
* XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE

SL7 noarch - xstream-1.3.1-13.el7_9.noarch.rpm - xstream-javadoc-1.3.1-13.el7_9.noarch.rpm
- Scientific Linux Development Team

Severity

Advisory ID: SLSA-2021:1354-1

Issued Date: : 2021-04-26

CVE Numbers: CVE-2021-21344

CVE-2021-21345

CVE-2021-21346

News

Advisories

HOWTOs

About Us

Powered By

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.

Learn More About Our Cookie Policy

Advisories

What Are You Looking For?

Popular Tags

SciLinux: SLSA-2021-1354-1 Important: xstream on SL7.x noarch

Summary

Security Fixes

News

Advisories

HOWTOs

Features

Strengthen Your Linux Endpoint Security & Zero Trust Strategy with Defense-in-Depth & Endpoint Encryption

Call for Contributors with Knowledge of Linux Firewalls!

How To Create a Transparent Proxy through the Tor Network to Protect Your Privacy Online with archtorify & kalitorify

You are Tracked Online - Why? And How To Avoid Being Tracked Online

Prepare Your Business for the Future of Cyberwar: A Review of The Art of Cyberwarfare

About Us

Powered By

Advisories

What Are You Looking For?

Popular Tags

SciLinux: SLSA-2021-1354-1 Important: xstream on SL7.x noarch

Summary

Security Fixes

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

Strengthen Your Linux Endpoint Security & Zero Trust Strategy with Defense-in-Depth & Endpoint Encryption

Call for Contributors with Knowledge of Linux Firewalls!

How To Create a Transparent Proxy through the Tor Network to Protect Your Privacy Online with archtorify & kalitorify

You are Tracked Online - Why? And How To Avoid Being Tracked Online

Prepare Your Business for the Future of Cyberwar: A Review of The Art of Cyberwarfare

About Us

Powered By