X Stream Xstream
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in X Stream Xstream.
By the Year
In 2025 there have been 0 vulnerabilities in X Stream Xstream. Xstream did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 9.80 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Xstream vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent X Stream Xstream Security Vulnerabilities
It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw
CVE-2019-10173
9.8 - Critical
- July 23, 2019
It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON. (regression of CVE-2013-7285)
Code Injection
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may
CVE-2013-7285
9.8 - Critical
- May 15, 2019
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Xstream or by X Stream? Click the Watch button to subscribe.
