XStream CVE-2016-3674 XML External Entity Multiple Information Disclosure Vulnerabilities

XStream is prone to multiple information-disclosure vulnerabilities.

An attacker can exploit these issues to gain access to sensitive information from the application; this may lead to further attacks.

Note: This issue was previously titled 'XStream XML External Entity Denial of Service Vulnerability'. The title has been changed to better reflect the vulnerability information.

Versions prior to XStream 1.4.9 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus