Lucene search
RedHatRHSA-2014:0216HistoryFeb 26, 2014 - 8:31 p.m.
(RHSA-2014:0216) Important: XStream security update
2014-02-2620:31:01
access.redhat.com
25
EPSS
0.409
Percentile
97.4%
XStream is a simple library to serialize and de-serialize objects to and
from XML.
It was found that XStream could deserialize arbitrary user-supplied XML
content, representing objects of any type. A remote attacker able to pass
XML to XStream could use this flaw to perform a variety of attacks,
including remote code execution in the context of the server running the
XStream application. (CVE-2013-7285)
All users of Red Hat JBoss Fuse Service Works 6.0.0 as provided from the
Red Hat Customer Portal are advised to apply this update.
Related
redhat
redhat
(RHSA-2014:0294) Important: XStream security update
2014-03-13 19:11:29
(RHSA-2014:0389) Important: jasperreports-server-pro security update
2014-04-09 00:00:00
exploitdb
exploitdb
OpenMRS Reporting Module 0.9.7 - Remote Code Execution
2016-01-07 00:00:00
cvelist
cvelist
CVE-2013-7285
2019-05-15 16:54:57
CVE-2019-10173
2019-07-23 12:50:44
nessus
nessus
Fedora 19 : xstream-1.3.1-5.1.fc19 (2014-2340)
2014-02-23 00:00:00
Fedora 20 : xstream-1.3.1-9.fc20 (2014-2372)
2014-02-23 00:00:00
GLSA-201612-35 : XStream: Remote execution of arbitrary code
2016-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: xstream-1.3.1-9.fc20
2014-02-22 00:47:06
[SECURITY] Fedora 19 Update: xstream-1.3.1-5.1.fc19
2014-02-22 00:56:20
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0100)
2022-01-28 00:00:00
JFrog Artifactory < 3.1.1.1 XStream RCE Vulnerability
2014-03-13 00:00:00
Fedora Update for xstream FEDORA-2014-2340
2014-02-25 00:00:00
nvd
nvd
CVE-2013-7285
2019-05-15 17:29:00
CVE-2019-10173
2019-07-23 13:15:13
packetstorm
packetstorm
OpenMRS Reporting Module 0.9.7 Remote Code Execution
2016-01-06 00:00:00
zdt
zdt
OpenMRS Reporting Module 0.9.7 - Remote Code Execution
2016-01-07 00:00:00
exploitpack
exploitpack
OpenMRS Reporting Module 0.9.7 - Remote Code Execution
2016-01-07 00:00:00
github
github
Command Injection in Xstream
2019-05-29 18:05:03
Server-Side Forgery Request can be activated unmarshalling with XStream
2020-12-21 16:28:42
ubuntucve
ubuntucve
CVE-2013-7285
2019-05-15 00:00:00
CVE-2019-10173
2019-07-23 00:00:00
prion
prion
Design/Logic Flaw
2019-05-15 17:29:00
Deserialization of untrusted data
2019-07-23 13:15:00
osv
osv
Command Injection in Xstream
2019-05-29 18:05:03
CVE-2019-10173
2019-07-23 13:15:13
Server-Side Forgery Request can be activated unmarshalling with XStream
2020-12-21 16:28:42
mageia
mageia
Updated xstream packages fix CVE-2013-7285
2014-02-26 01:54:53
gentoo
gentoo
XStream: Remote execution of arbitrary code
2016-12-13 00:00:00
cve
cve
CVE-2013-7285
2019-05-15 17:29:00
CVE-2019-10173
2019-07-23 13:15:13
debiancve
debiancve
CVE-2013-7285
2019-05-15 17:29:00
CVE-2019-10173
2019-07-23 13:15:13
nuclei
nuclei
XStream <1.4.6/1.4.10 - Remote Code Execution
2023-03-12 03:38:05
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Xstream affect IBM InfoSphere Information Server
2019-11-01 20:48:15
Security Bulletin: XStream as used by IBM QRadar SIEM is vulnerable to OS command injection (CVE-2019-10173)
2019-11-20 17:14:22
Security Bulletin: Multiple Vulnerabilities identified in IBM StoredIQ
2020-02-20 12:42:12
veracode
veracode
Remote Code Execution (RCE)
2019-07-23 05:16:12
freebsd
freebsd
jenkins -- multiple vulnerabilities
2014-02-14 00:00:00
myhack58
myhack58
redhatcve
redhatcve
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00