exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2021-21341

Status Candidate

Overview

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.

Related Files

Red Hat Security Advisory 2021-5134-05
Posted Dec 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5134-05 - This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, information leakage, memory leak, privilege escalation, server-side request forgery, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2019-10744, CVE-2019-12415, CVE-2020-11987, CVE-2020-11988, CVE-2020-13943, CVE-2020-13949, CVE-2020-15522, CVE-2020-17521, CVE-2020-17527, CVE-2020-26217, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-27782, CVE-2020-28491, CVE-2020-2875, CVE-2020-2934, CVE-2020-35510, CVE-2020-9488, CVE-2021-20218, CVE-2021-21290, CVE-2021-21295, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344
SHA-256 | 9284d27525337878d1b616a42ec6964f345739a90a655ed05cfae5b196bdeacd
Red Hat Security Advisory 2021-4918-03
Posted Dec 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4918-03 - A minor version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, information leakage, privilege escalation, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-14326, CVE-2020-28491, CVE-2021-20328, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21350, CVE-2021-21351, CVE-2021-22118, CVE-2021-27568, CVE-2021-29505, CVE-2021-31812, CVE-2021-39139, CVE-2021-39140, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145, CVE-2021-39146, CVE-2021-39147, CVE-2021-39148
SHA-256 | d5c90a3e7232924ae6e8b38f5e9ef8c694af77ff921bcdb7b07c49f3c69e7068
Debian Security Advisory 5004-1
Posted Nov 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5004-1 - Multiple security vulnerabilities have been discovered in XStream, a Java library to serialize objects to XML and back again.

tags | advisory, java, vulnerability
systems | linux, debian
advisories | CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-29505, CVE-2021-39139, CVE-2021-39140
SHA-256 | e3aca8ca24ba1bae991a19b9c891853d3fde83ade3db51bc3a65a899cca8f0ac
Red Hat Security Advisory 2021-4767-01
Posted Nov 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4767-01 - This release of Red Hat Integration - Camel Extensions for Quarkus - 2.2 GA serves as a replacement for tech-preview 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, deserialization, information leakage, resource exhaustion, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-14326, CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-28052, CVE-2020-28491, CVE-2021-20289, CVE-2021-20328, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-27568, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165
SHA-256 | 9dff15e298c722ad84d5f39cb4d850c04124d91986161bb1afd605f4e69d1c9d
Red Hat Security Advisory 2021-2476-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2476-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.11.0 serves as an update to Red Hat Decision Manager 7.10.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, code execution, denial of service, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-11988, CVE-2020-25649, CVE-2020-26258, CVE-2020-26259, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351
SHA-256 | c7ecab2767572bcae7a835e6563b631e2de5bcbbf260dbcf564ddf63104b4342
Red Hat Security Advisory 2021-2475-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2475-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.11.0 serves as an update to Red Hat Process Automation Manager 7.10.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, code execution, denial of service, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-11988, CVE-2020-25649, CVE-2020-26258, CVE-2020-26259, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351
SHA-256 | 44f2a427aa38603abc596c8eab0bea14baf4d87b51fcd63235260362ce1b3c02
Red Hat Security Advisory 2021-2139-01
Posted May 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2139-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.2.0 serves as a replacement for Red Hat Data Grid 8.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-10771, CVE-2020-26258, CVE-2020-26259, CVE-2021-21290, CVE-2021-21295, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-21409, CVE-2021-31917
SHA-256 | 26b79e23d99e81d46adcd853630427afc565a8681dad9bf539101220d92dd7b9
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close