VDB

RHSA-2014%3A1007

RHSA-2014%3A1007 PUBLISHED CVSS 6.800000190734863 MEDIUM

It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream application.

Risk Scores

CVSS 2.0
6.800000190734863

Affected Products

VendorProductVersions
Red HatJBoss Enterprise BRMS Platform 5.3

Timeline

  • Aug 5, 2014 CVE Published
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • May 14, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›