Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-5329

Upgrade xstream to version 1.4.20

    XMLWordPrintableJSON

Details

    • Dependency
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 6.3.0
    • Core
    • None

    Description

      This maintenance release addresses the security vulnerabilities CVE-2022-40151 and CVE-2022-41966, causing a Denial of Service by raising a stack overflow. It also provides new converters for Optional and Atomic types.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #721

          Activity

            People

              Unassigned Unassigned
              lukaszlenart Lukasz Lenart
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h