`com.thoughtworks.xstream:xstream`

Ecosystem:
maven

Package URL:
pkg:maven/com.thoughtworks.xstream:xstream

Total PRs:
155 Dependabot PRs

Latest PR:
about 2 months ago

Unique Repositories:
133 repositories

Unique Repos (30 days):
2 repositories

Security Advisories

XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshalling

GHSA-jfvx-7wrx-43fh CVE-2020-26259 MODERATE published over 5 years ago • updated 13 days ago

### Impact The vulnerability may allow a remote attacker to delete arbitrary know files on the host as log as the executing process has sufficient ...

View all 37 advisories

Recent PRs

RSS Feed

chore: bump the maven group across 1 directory with 2 updates

Cluster-Mesh/WebGoat #12

1.4.5 → 1.4.21 Patch PR

Open about 2 months ago 1 comment

Bump the maven group across 1 directory with 3 updates

ThalesGroup/igniterealtime_Spark #1

1.4.20 → 1.4.21 Patch PR

Closed 3 months ago 1 comment

Bump the maven group across 3 directories with 8 updates

Excecrable/javamelody #5

1.4.10 → 1.4.21 Patch PR

Closed 4 months ago 1 comment

Bump com.thoughtworks.xstream:xstream from 1.4.7 to 1.4.21 in /contrib/ambari-scom/ambari-scom-server

AndresMaqueo/ambari #22

1.4.7 → 1.4.21 Patch PR

Closed 7 months ago 1 comment

Bump com.thoughtworks.xstream:xstream from 1.4.10 to 1.4.21 in /services/user-service in the maven group across 1 directory

og-dmacinnes/vulnshop #1

1.4.10 → 1.4.21 Patch PR

Closed 7 months ago 1 comment

Bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

testOnboarding-Jie/WebGoat #4

1.4.5 → 1.4.21 Patch PR

Closed 7 months ago 1 comment

Bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

sig-chakrava/webgoat_source #5

1.4.5 → 1.4.21 Patch PR

Open 8 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.17 to 1.4.21

marcomarasca/Synapse-Repository-Services #40

1.4.17 → 1.4.21 Patch PR

Open 8 months ago

chore: bump the maven group across 1 directory with 2 updates

kalinowskiremi/WebGoat #17

1.4.5 → 1.4.21 Patch PR

Open 8 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.10 to 1.4.21 in /redhat/training/pam/project in the maven group across 1 directory

offsoc/docker_env #1

1.4.10 → 1.4.21 Patch PR

Open 9 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.19 to 1.4.21

hazelcast/hazelcast-eureka #258

1.4.19 → 1.4.21 Patch PR

Open 9 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.19 to 1.4.21

piacenti/dsl-maker #62

1.4.19 → 1.4.21 Patch PR

Open 9 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

kalinowskiremi/WebGoat #13

1.4.5 → 1.4.21 Patch PR

Closed 9 months ago 1 comment

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

amills4421/webgoat-security-workshop #5

1.4.5 → 1.4.21 Patch PR

Open 9 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

HenryWu7175/webgoat-security-workshop #6

1.4.5 → 1.4.21 Patch PR

Open 9 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

IsabellaSlome/webgoat-security-workshop #8

1.4.5 → 1.4.21 Patch PR

Open 9 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

Felix-Hardjana/sast-workshop #10

1.4.5 → 1.4.21 Patch PR

Open 9 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

MigiIsRight/WebGoat #5

1.4.5 → 1.4.21 Patch PR

Open 9 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

Mythicalhoppa/webgoat-security-workshop #4

1.4.5 → 1.4.21 Patch PR

Open 9 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.18 to 1.4.21

thinking-github/conductor #241

1.4.18 → 1.4.21 Patch PR

Open 9 months ago 3 comments

Bump com.thoughtworks.xstream:xstream from 1.4.20 to 1.4.21 in /event-store-builder/bin

A-D-Events/music-event-finder #3

1.4.20 → 1.4.21 Patch PR

Merged 9 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.7 to 1.4.21 in /Code/mvn_project

GZaretti/HEIGVD_MoneyThoring #2

1.4.7 → 1.4.21 Patch PR

Open 9 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.3 to 1.4.21

CentralValleyModeling/wrims-engine #118

1.4.3 → 1.4.21 Patch PR

Open 9 months ago 5 comments

Bump com.thoughtworks.xstream:xstream from 1.4.20 to 1.4.21 in /logicaldoc-parent

logicaldoc/community #103

1.4.20 → 1.4.21 Patch PR

Closed 9 months ago 1 comment

Bump the all-dependencies group across 1 directory with 10 updates

CentralValleyModeling/wrims-engine #106

1.4.3 → 1.4.21 Patch PR

Open 10 months ago 2 comments

Bump com.thoughtworks.xstream:xstream from 1.4.20 to 1.4.21

igniterealtime/openfire-fastpath-plugin #80

1.4.20 → 1.4.21 Patch PR

Open 10 months ago

Bump the all-dependencies group across 1 directory with 14 updates

CentralValleyModeling/wrims-engine #102

1.4.3 → 1.4.21 Patch PR

Open 10 months ago 1 comment

Bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21 in the maven group across 1 directory

Charlee123/mydemo #12

1.4.5 → 1.4.21 Patch PR

Open 10 months ago 1 comment

chore: bump the maven group across 1 directory with 4 updates

KPMG-Demo-Organization/WebGoat #6

1.4.5 → 1.4.21 Patch PR

Open 10 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

mjones-fs/WebGoat #4

1.4.5 → 1.4.21 Patch PR

Open 10 months ago

Bump the all-dependencies group with 10 updates

CentralValleyModeling/wrims-engine #92

1.4.3 → 1.4.21 Patch PR

Closed 10 months ago 1 comment

Bump com.thoughtworks.xstream:xstream from 1.4.20 to 1.4.21 in /FactoryMethod/maladireta-cliente

danilogmoura/principais-design-patterns-aplicados-com-java #1

1.4.20 → 1.4.21 Patch PR

Open 10 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.19 to 1.4.21

shoucheng3/apache__jspwiki_CVE-2022-46907_2-11-3 #2

1.4.19 → 1.4.21 Patch PR

Open 10 months ago

Bump the maven group across 1 directory with 16 updates

luci-digital/cloudstack #2

1.4.20 → 1.4.21 Patch PR

Open 10 months ago

Bump the maven group across 10 directories with 23 updates

jadenblack/keycloak #3

1.4.20 → 1.4.21 Patch PR

Open 10 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

DupouxCorp/WebGoat #2

1.4.5 → 1.4.21 Patch PR

Open 10 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21 in /tools/deploy/module2 in the maven group across 1 directory

nickdwes/AKS-DevSecOps-Workshop #6

1.4.5 → 1.4.21 Patch PR

Open 10 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

karun-appsec/WebGoat-dependabot #2

1.4.5 → 1.4.21 Patch PR

Open 10 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.15 to 1.4.21

beykery/jkcp #30

1.4.15 → 1.4.21 Patch PR

Open 10 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

Rainnie-007/sonatype #11

1.4.5 → 1.4.21 Patch PR

Open 11 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

DanteArcanaelMontford/WebGoat #1

1.4.5 → 1.4.21 Patch PR

Open 11 months ago 2 comments

Bump com.thoughtworks.xstream:xstream from 1.4.7 to 1.4.21 in /parent

eroad/camel #1

1.4.7 → 1.4.21 Patch PR

Open 11 months ago

Bump the maven group across 1 directory with 21 updates

rex21919/EUSURVEY #1

1.4.9 → 1.4.21 Patch PR

Open 11 months ago

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

Daren9m/WebGoat_Clone #21

1.4.5 → 1.4.21 Patch PR

Open 11 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.8 to 1.4.21 in /modules/hibernate-5.1

gridgain/gridgain #3471

1.4.8 → 1.4.21 Patch PR

Open 11 months ago

Bump com.thoughtworks.xstream:xstream from 1.4.15 to 1.4.21

teras/appenh #2

1.4.15 → 1.4.21 Patch PR

Merged 11 months ago

chore: bump the maven group across 1 directory with 4 updates

IronKnight66/WebGoat #2

1.4.5 → 1.4.21 Patch PR

Open 11 months ago

chore: bump the maven group across 1 directory with 2 updates

Daren9m/WebGoat_fork #22

1.4.5 → 1.4.21 Patch PR

Closed 11 months ago 1 comment

chore: bump com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.21

Daren9m/WebGoat_fork #19

1.4.5 → 1.4.21 Patch PR

Open 11 months ago

chore: bump the maven group with 3 updates

Daren9m/WebGoat_fork #11

1.4.5 → 1.4.21 Patch PR

Closed 11 months ago 3 comments

Package Details

Name:	`com.thoughtworks.xstream:xstream`
Ecosystem:	maven
PURL Type:	maven
Package URL:	`pkg:maven/com.thoughtworks.xstream:xstream`
JSON API:	View JSON

Security Advisories

37

Active advisories

CRITICAL 2

HIGH 22

MODERATE 13

View All maven Advisories

Package Information

Description:

XStream is a serialization library from Java objects to XML and back.

Repository:	https://github.com/x-stream/xstream
Homepage:	http://x-stream.github.io
Latest Release:	`1.4.21` over 1 year ago
Dependent Repos:	25,482
Dependent Packages:	1,882
Ranking:	Top 0.0366% by dependent repos Top 0.0384% by dependent pkgs

PR Status

Open 101 (65.2%)

Merged 15 (9.7%)

Closed 29 (18.7%)

PR Types

Minor 1 (0.6%)

Patch 144 (92.9%)

com.thoughtworks.xstream:xstream

Security Advisories

XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshalling

Denial of service in XStream

XStream is vulnerable to a Remote Command Execution attack

XStream is vulnerable to an Arbitrary Code Execution attack

XStream is vulnerable to an Arbitrary Code Execution attack

Recent PRs

Package Details

Security Advisories

37

Package Information

PR Status

PR Types

`com.thoughtworks.xstream:xstream`