Skip to content

[Snyk] Upgrade com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.20#1

Open
emresaa wants to merge 1 commit intomainfrom
snyk-upgrade-ae42723f91e87751805c0cda070c69bd
Open

[Snyk] Upgrade com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.20#1
emresaa wants to merge 1 commit intomainfrom
snyk-upgrade-ae42723f91e87751805c0cda070c69bd

Conversation

@emresaa
Copy link
Copy Markdown
Owner

@emresaa emresaa commented Mar 11, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.20.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 22 versions ahead of your current version.
  • The recommended version was released a year ago, on 2022-12-23.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569176		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569187		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1040458		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088337		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569177		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569178		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569179		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569180		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569181		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569182		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Remote Code Execution (RCE)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569183		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Mature
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569185		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569186		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Server-Side Request Forgery (SSRF)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569190		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Server-Side Request Forgery (SSRF)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569191		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-2388977		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 No Known Exploit
XML External Entity (XXE) Injection
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-30385		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-31394		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 No Known Exploit
Arbitrary File Deletion
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1051966		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Server-Side Request Forgery (SSRF)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1051967		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Mature
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088328		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088329		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088330		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088331		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088332		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088333		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088334		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088335		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088336		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088338		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1294540		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569189		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-3091180		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-3182897		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Proof of Concept
Insecure XML deserialization
SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-460764		 746/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.5		 Mature

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@emresaa @snyk-bot