Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.19151
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.19151
<patchinfo incident="19151"> <issue tracker="bnc" id="1184380">VUL-0: CVE-2021-21350: xstream: arbitrary code execution</issue> <issue tracker="bnc" id="1184372">VUL-0: CVE-2021-21345: xstream: remote attacker with sufficient rights could execute commands</issue> <issue tracker="bnc" id="1184375">VUL-0: CVE-2021-21344: xstream: remote attacker could load and execute arbitrary code from a remote host</issue> <issue tracker="bnc" id="1184378">VUL-0: CVE-2021-21347: xstream: remote attacker to load and execute arbitrary code from a remote host</issue> <issue tracker="bnc" id="1184376">VUL-0: CVE-2021-21343: xstream: replace or inject objects, that result in the deletion of files on the local host</issue> <issue tracker="bnc" id="1184373">VUL-0: CVE-2021-21346: xstream: remote attacker could load and execute arbitrary code</issue> <issue tracker="bnc" id="1184379">VUL-0: CVE-2021-21342: xstream: server-side forgery</issue> <issue tracker="bnc" id="1184377">VUL-0: CVE-2021-21341: xstream: remote attacker could cause a denial of service by allocating 100% CPU time</issue> <issue tracker="bnc" id="1184797">VUL-0: CVE-2021-21349: xstream: SSRF can lead to a remote attacker to request data from internal resources</issue> <issue tracker="bnc" id="1184374">VUL-0: CVE-2021-21348: xstream: remote attacker could cause denial of service by consuming maximum CPU time</issue> <issue tracker="bnc" id="1184796">VUL-0: CVE-2021-21351: xstream: remote attacker to load and execute arbitrary code</issue> <issue tracker="cve" id="2021-21344"/> <issue tracker="cve" id="2021-21348"/> <issue tracker="cve" id="2021-21341"/> <issue tracker="cve" id="2021-21343"/> <issue tracker="cve" id="2021-21342"/> <issue tracker="cve" id="2021-21351"/> <issue tracker="cve" id="2021-21350"/> <issue tracker="cve" id="2021-21347"/> <issue tracker="cve" id="2021-21349"/> <issue tracker="cve" id="2021-21346"/> <issue tracker="cve" id="2021-21345"/> <packager>fstrba</packager> <rating>important</rating> <category>security</category> <summary>Security update for xstream</summary> <description>This update for xstream fixes the following issues: - Upgrade to 1.4.16 - CVE-2021-21351: remote attacker to load and execute arbitrary code (bsc#1184796) - CVE-2021-21349: SSRF can lead to a remote attacker to request data from internal resources (bsc#1184797) - CVE-2021-21350: arbitrary code execution (bsc#1184380) - CVE-2021-21348: remote attacker could cause denial of service by consuming maximum CPU time (bsc#1184374) - CVE-2021-21347: remote attacker to load and execute arbitrary code from a remote host (bsc#1184378) - CVE-2021-21344: remote attacker could load and execute arbitrary code from a remote host (bsc#1184375) - CVE-2021-21342: server-side forgery (bsc#1184379) - CVE-2021-21341: remote attacker could cause a denial of service by allocating 100% CPU time (bsc#1184377) - CVE-2021-21346: remote attacker could load and execute arbitrary code (bsc#1184373) - CVE-2021-21345: remote attacker with sufficient rights could execute commands (bsc#1184372) - CVE-2021-21343: replace or inject objects, that result in the deletion of files on the local host (bsc#1184376) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor