CVE-2021-21348

Uncontrolled Resource Consumption in maven/com.thoughtworks.xstream/xstream

Identifier

CVE-2021-21348

Package Slug

maven/com.thoughtworks.xstream/xstream

Vulnerability

Uncontrolled Resource Consumption

Description

XStream is a Java library to serialize objects to XML and back again. In XStream, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return.

Affected Versions

All versions before 1.4.16

Solution

Upgrade to version 1.4.16 or above.

Last Modified

2021-03-26

source