[Snyk] Upgrade com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.20

[andersonsevla]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade com.thoughtworks.xstream:xstream from 1.4.5 to 1.4.20.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 22 versions ahead of your current version.
• The recommended version was released 7 months ago, on 2022-12-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	XML External Entity (XXE) Injection SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-30385	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1040458	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569181	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569182	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Remote Code Execution (RCE) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569183	589/1000 Why? Has a fix available, CVSS 7.5	Mature
	Denial of Service (DoS) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-31394	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569185	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569186	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569187	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569190	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569191	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-2388977	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088337	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569176	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569177	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569178	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569179	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Execution SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569180	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088335	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-3091180	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Arbitrary File Deletion SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1051966	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1051967	589/1000 Why? Has a fix available, CVSS 7.5	Mature
	Denial of Service (DoS) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-3182897	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Insecure XML deserialization SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-460764	589/1000 Why? Has a fix available, CVSS 7.5	Mature
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088328	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1569189	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088329	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088330	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088331	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088332	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088336	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088338	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088333	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088334	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1294540	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs