xstream is vulnerable to denial of service. The vulnerability exists due to the stack overflow in the processConverterAnnotations
function of AnnotationMapper.java
, allowing an attacker to cause an application crash by providing malicious input through the parser