1. Home
  2. CVEs with refmap.mlist==[struts-commits] 20201221 [struts] branch master updated: Upgrades XStream to version 1.4.15 to address CVE-2020-26258, CVE-2020-26259
Max CVSS 6.4 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-26259 6.4
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrar
30-11-2021 - 21:43 16-12-2020 - 01:15
CVE-2020-26258 5.0
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data fro
30-11-2021 - 18:27 16-12-2020 - 01:15
Back to Top Mark selected
Back to Top