https://github.com/x-stream/xstream
java xml xstream
Last synced: about 1 month ago
Repository metadata:
Serialize Java objects to XML and back again.
- Host: GitHub
- URL: https://github.com/x-stream/xstream
- Owner: x-stream
- License: other
- Created: 2015-03-14T15:57:12.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2024-10-28T23:37:07.000Z (about 2 months ago)
- Last Synced: 2024-10-29T14:03:51.585Z (about 2 months ago)
- Topics: java, xml, xstream
- Language: Java
- Homepage: http://x-stream.github.io
- Size: 20.7 MB
- Stars: 748
- Watchers: 52
- Forks: 226
- Open Issues: 38
-
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
- Security: SECURITY.md
Owner metadata:
- Name: XStream
- Login: x-stream
- Email:
- Kind: organization
- Description:
- Website:
- Location: http://x-stream.github.io
- Twitter:
- Company:
- Icon url: https://avatars.githubusercontent.com/u/12127637?v=4
- Repositories: 4
- Last Synced at: 2023-02-28T18:35:26.464Z
- Profile URL: https://github.com/x-stream
- Sponsor URL:
Committers metadata
Last synced: about 2 months ago
Total Commits: 2,888
Total Committers: 45
Avg Commits per committer: 64.178
Development Distribution Score (DDS): 0.283
Commits in past year: 17
Committers in past year: 3
Avg Commits per committer in past year: 5.667
Development Distribution Score (DDS) in past year: 0.176
Name | Commits | |
---|---|---|
Jörg Schaible | j****e@g****e | 2072 |
Joe Walnes | j****e@t****m | 502 |
Mauro Talevi | m****i@a****g | 125 |
Guilherme Silveira | g****a@c****r | 69 |
Jason van Zyl | j****l@a****g | 42 |
Damage Control | d****l@c****g | 12 |
James Strachan | j****n@g****m | 11 |
Carsten Hammer | c****r@t****e | 6 |
purnhar | p****r | 4 |
Bob McWhirter | b****b@c****g | 3 |
zeshuai007 | 5****7@q****m | 3 |
Aslak Hellesøy | a****y@g****m | 2 |
Falko Modler | f****d | 2 |
Vladislav Rassokhin | v****n@j****m | 2 |
Tom Adams | t****s@t****m | 2 |
CV | cv@c****g | 2 |
HIGUCHI Yuta | y****i | 1 |
pzi | 9****8 | 1 |
xfournet | x****t | 1 |
张逸扬 | 3****y | 1 |
Aaron | a****n@a****m | 1 |
Aleksey Dobrynin | a****n@j****m | 1 |
Elliotte Harold | e****o@g****m | 1 |
Harald Schmitt | l****x@h****e | 1 |
Hervé Boutemy | h****y@a****g | 1 |
Honor Systems Updater Jenkins | h****s@j****m | 1 |
Jakob Schnell | g****b@e****e | 1 |
Jesse Glick | j****k@c****m | 1 |
John Bergqvist | J****t@d****m | 1 |
Julia Boes | j****s@o****m | 1 |
and 15 more... |
Issue and Pull Request metadata
Last synced: about 1 month ago
Package metadata
- Total packages: 6
- Total downloads: unknown
- Total docker downloads: 5,037,501,860
- Total dependent packages: 1,895 (may contain duplicates)
- Total dependent repositories: 25,629 (may contain duplicates)
- Total versions: 160
- Total advisories: 38
maven: com.thoughtworks.xstream:xstream
XStream is a serialization library from Java objects to XML and back.
- Homepage: http://x-stream.github.io
- Documentation: https://appdoc.app/artifact/com.thoughtworks.xstream/xstream/
- Licenses: BSD-3-Clause
- Latest release: 1.4.20 (published almost 2 years ago)
- Last Synced: 2024-11-11T01:02:32.323Z (about 1 month ago)
- Versions: 41
- Dependent Packages: 1,882
- Dependent Repositories: 25,482
- Docker Downloads: 5,023,921,787
-
Rankings:
- Dependent repos count: 0.037%
- Dependent packages count: 0.038%
- Docker downloads count: 0.045%
- Average: 5.36%
- Forks count: 13.157%
- Stargazers count: 13.521%
-
Advisories:
- XML External Entity Injection in XStream
- Denial of service in XStream
- Command Injection in Xstream
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream can be used for Remote Code Execution
- Deserialization of Untrusted Data and Code Injection in xstream
- XStream is vulnerable to an Arbitrary Code Execution attack
- A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
- XStream can cause a Denial of Service.
- XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshalling
- XStream is vulnerable to a Remote Command Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream can cause a Denial of Service
- Denial of Service by injecting highly recursive collections or maps in XStream
- XStream is vulnerable to a Remote Command Execution attack
- XStream can cause Denial of Service via stack overflow
- XStream is vulnerable to an Arbitrary Code Execution attack
- Server-Side Forgery Request can be activated unmarshalling with XStream
- XStream is vulnerable to an Arbitrary Code Execution attack
- A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
- XStream is vulnerable to a Remote Command Execution attack
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights
- A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
- XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
- XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
- XStream is vulnerable to an Arbitrary Code Execution attack
- XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)
- XStream is vulnerable to an Arbitrary Code Execution attack
- Duplicate Advisory: Denial of Service due to parser crash
maven: com.thoughtworks.xstream:xstream-hibernate
XStream extension for Hibernate 3/4 to untie Java objects from Hibernate.
- Homepage: http://x-stream.github.io
- Documentation: https://appdoc.app/artifact/com.thoughtworks.xstream/xstream-hibernate/
- Licenses: BSD-3-Clause
- Latest release: 1.4.20 (published almost 2 years ago)
- Last Synced: 2024-11-11T01:02:45.029Z (about 1 month ago)
- Versions: 23
- Dependent Packages: 9
- Dependent Repositories: 92
- Docker Downloads: 7,282,445
-
Rankings:
- Docker downloads count: 1.124%
- Dependent repos count: 2.059%
- Dependent packages count: 6.706%
- Average: 7.313%
- Forks count: 13.157%
- Stargazers count: 13.521%
maven: com.thoughtworks.xstream:xstream-benchmark
Benchmark suite of XStream.
- Homepage: http://x-stream.github.io
- Documentation: https://appdoc.app/artifact/com.thoughtworks.xstream/xstream-benchmark/
- Licenses: BSD-3-Clause
- Latest release: 1.4.20 (published almost 2 years ago)
- Last Synced: 2024-11-11T01:02:43.842Z (about 1 month ago)
- Versions: 27
- Dependent Packages: 2
- Dependent Repositories: 29
- Docker Downloads: 6,297,616
-
Rankings:
- Docker downloads count: 1.168%
- Dependent repos count: 4.345%
- Average: 11.252%
- Stargazers count: 13.74%
- Forks count: 13.848%
- Dependent packages count: 23.156%
maven: com.thoughtworks.xstream:xstream-jmh
JMH Benchmark suite of XStream.
- Homepage: http://x-stream.github.io
- Documentation: https://appdoc.app/artifact/com.thoughtworks.xstream/xstream-jmh/
- Licenses: BSD-3-Clause
- Latest release: 1.4.20 (published almost 2 years ago)
- Last Synced: 2024-11-11T01:02:43.678Z (about 1 month ago)
- Versions: 14
- Dependent Packages: 2
- Dependent Repositories: 14
- Docker Downloads: 12
-
Rankings:
- Dependent repos count: 6.562%
- Docker downloads count: 6.614%
- Average: 12.778%
- Stargazers count: 13.763%
- Forks count: 13.795%
- Dependent packages count: 23.156%
maven: com.thoughtworks.xstream:xstream-distribution
Distribution project for XStream to build distributables and documentation.
- Homepage: http://x-stream.github.io
- Documentation: https://appdoc.app/artifact/com.thoughtworks.xstream/xstream-distribution/
- Licenses: BSD-3-Clause
- Latest release: 1.4.20 (published almost 2 years ago)
- Last Synced: 2024-11-11T01:02:30.707Z (about 1 month ago)
- Versions: 27
- Dependent Packages: 0
- Dependent Repositories: 7
-
Rankings:
- Dependent repos count: 9.294%
- Forks count: 13.157%
- Stargazers count: 13.521%
- Average: 21.53%
- Dependent packages count: 50.15%
maven: com.thoughtworks.xstream:xstream-parent
XStream is a serialization library from Java objects to XML and back.
- Homepage: http://x-stream.github.io
- Documentation: https://appdoc.app/artifact/com.thoughtworks.xstream/xstream-parent/
- Licenses: BSD-3-Clause
- Latest release: 1.4.20 (published almost 2 years ago)
- Last Synced: 2024-11-11T01:02:43.522Z (about 1 month ago)
- Versions: 28
- Dependent Packages: 0
- Dependent Repositories: 5
-
Rankings:
- Dependent repos count: 10.915%
- Stargazers count: 13.763%
- Forks count: 13.795%
- Average: 22.156%
- Dependent packages count: 50.15%
Dependencies
- com.thoughtworks.xstream:xstream 1.5.0-SNAPSHOT provided
- com.thoughtworks.xstream:xstream-benchmark 1.5.0-SNAPSHOT provided
- com.thoughtworks.xstream:xstream-hibernate 1.5.0-SNAPSHOT provided
- com.thoughtworks.xstream:xstream-jmh 1.5.0-SNAPSHOT provided
- org.openjdk.jmh:jmh-generator-annprocess 1.21 provided
- cglib:cglib-nodep 2.2
- com.brsanthu:migbase64 2.2
- com.fasterxml.woodstox:woodstox-core 5.2.0
- com.megginson.sax:xml-writer 0.2
- com.sun.xml.ws:jaxws-rt 2.2
- com.thoughtworks.xstream:xstream 1.5.0-SNAPSHOT
- com.thoughtworks.xstream:xstream-benchmark 1.5.0-SNAPSHOT
- com.thoughtworks.xstream:xstream-hibernate 1.5.0-SNAPSHOT
- com.thoughtworks.xstream:xstream-jmh 1.5.0-SNAPSHOT
- commons-codec:commons-codec 1.11
- io.github.x-stream:mxparser 1.2.2
- jakarta.activation:jakarta.activation-api 1.2.1
- jakarta.annotation:jakarta.annotation-api 1.3.4
- jakarta.inject:jakarta.inject-api 1.0
- jakarta.xml.bind:jakarta.xml.bind-api 2.3.2
- javassist:javassist 3.12.1.GA
- joda-time:joda-time 2.10.1
- net.sf.kxml:kxml2 2.3.0
- net.sf.kxml:kxml2-min 2.3.0
- org.apache.commons:commons-lang3 3.8.1
- org.codehaus.jettison:jettison 1.4.1
- org.dom4j:dom4j 2.0.2
- org.hibernate:hibernate-core 4.2.5.Final
- org.hibernate:hibernate-envers 4.2.5.Final
- org.hsqldb:hsqldb 2.2.8
- org.jdom:jdom 1.1.3
- org.jdom:jdom2 2.0.6
- org.json:json 20180813
- org.openjdk.jmh:jmh-core 1.21
- org.slf4j:slf4j-api 1.6.1
- org.slf4j:slf4j-simple 1.6.1
- stax:stax 1.2.0
- xerces:xercesImpl 2.8.1
- xmlpull:xmlpull 1.1.3.1
- xom:xom 1.3.2
- xpp3:xpp3_min 1.1.4c
- com.thoughtworks.xstream:xstream 1.5.0-SNAPSHOT test
- jmock:jmock 1.0.1 test
- junit:junit 3.8.1 test
- org.apache.felix:org.apache.felix.framework 6.0.3 test
- org.ops4j.pax.exam:pax-exam-container-native 4.13.4 test
- org.ops4j.pax.exam:pax-exam-extender-service 4.13.4 test
- org.ops4j.pax.exam:pax-exam-inject 4.13.4 test
- org.ops4j.pax.exam:pax-exam-invoker-junit 4.13.4 test
- org.ops4j.pax.exam:pax-exam-junit4 4.13.4 test
- org.ops4j.pax.exam:pax-exam-link-assembly 4.13.4 test
- org.ops4j.pax.exam:pax-exam-link-mvn 4.13.4 test
- jakarta.xml.bind:jakarta.xml.bind-api provided
- cglib:cglib-nodep
- com.fasterxml.woodstox:woodstox-core
- io.github.x-stream:mxparser
- jakarta.activation:jakarta.activation-api
- jmock:jmock
- joda-time:joda-time
- junit:junit
- net.sf.kxml:kxml2-min
- org.codehaus.jettison:jettison
- org.dom4j:dom4j
- org.jdom:jdom
- org.jdom:jdom2
- stax:stax
- xom:xom
- xpp3:xpp3_min
- com.megginson.sax:xml-writer test
- com.sun.xml.ws:jaxws-rt test
- org.apache.commons:commons-lang3 test
- org.json:json test
- ${project.groupId}:xstream ${project.version}
- junit:junit
- com.thoughtworks.xstream:xstream
- com.thoughtworks.xstream:xstream-benchmark
- com.thoughtworks.xstream:xstream-hibernate
- com.thoughtworks.xstream:xstream-jmh
- cglib:cglib-nodep provided
- javassist:javassist provided
- org.slf4j:slf4j-simple provided
- com.thoughtworks.xstream:xstream
- junit:junit
- org.hibernate:hibernate-core
- org.hibernate:hibernate-envers
- org.hsqldb:hsqldb test
- com.thoughtworks.xstream:xstream
- jakarta.inject:jakarta.inject-api
- junit:junit
- org.apache.felix:org.apache.felix.framework
- org.ops4j.pax.exam:pax-exam-container-native
- org.ops4j.pax.exam:pax-exam-extender-service
- org.ops4j.pax.exam:pax-exam-inject
- org.ops4j.pax.exam:pax-exam-invoker-junit
- org.ops4j.pax.exam:pax-exam-junit4
- org.ops4j.pax.exam:pax-exam-link-assembly
- org.ops4j.pax.exam:pax-exam-link-mvn
- org.slf4j:slf4j-simple test
- com.brsanthu:migbase64
- com.fasterxml.woodstox:woodstox-core
- com.thoughtworks.xstream:xstream
- commons-codec:commons-codec
- io.github.x-stream:mxparser
- jakarta.xml.bind:jakarta.xml.bind-api
- net.sf.kxml:kxml2-min
- org.codehaus.jettison:jettison
- org.dom4j:dom4j
- org.jdom:jdom
- org.jdom:jdom2
- org.openjdk.jmh:jmh-core
- org.openjdk.jmh:jmh-generator-annprocess
- stax:stax
- xom:xom
- xpp3:xpp3_min
- actions/checkout v3 composite
- actions/setup-java v3 composite