Skip to content

Security: lecogiteur/xstream

Security

SECURITY.md

Security Policy

Supported Versions

The 1.4.x version is actively maintained.

Version Supported
1.4.x
< 1.4.0

Reporting a Vulnerability

If you have identified a security issue, ask on the XStream mailing list for access to the XStream Security list and you will receive an invitation. Send a security report there with details to reproduce the problem with the latest XStream version.

Note, that XStream cares about security issues with XStream itself or in combination with the Java runtime, but not with 3rd party libraries. It is in the resposibility of each developer who brings those libraries together to setup the XStream Security Framework properly.

There aren’t any published security advisories