[WW-5167] Upgrade XStream to version 1.4.19 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Dependency
Status: Closed
Priority: Trivial
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 6.0.0
Component/s: None
Labels:
None

Description

This maintenance release addresses the security vulnerability CVE-2021-43859, when unmarshalling highly recursive collections or maps causing a Denial of Service.

http://x-stream.github.io/CVE-2021-43859.html

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Lukasz Lenart

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 06/Feb/22 10:22

Updated:: 14/Jun/22 09:47

Resolved:: 06/Feb/22 10:26