Package : libxstream-java
CVE ID : CVE-2020-26258 CVE-2020-26259
Liaogui Zhong discovered two security issues in XStream, a Java library
to serialise objects to XML and back again, which could result in the
deletion of files or server-side request forgery when unmarshalling.
For the stable distribution (buster), these problems have been fixed in
We recommend that you upgrade your libxstream-java packages.