xstream (SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS package xstream, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2022-41966 — CVSS 8.2 (high): XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application…
CVE-2024-47072 — CVSS 7.5 (high): XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to terminate the…
CVE-2022-40151 — CVSS 6.5 (medium): Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied…