Описание
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| jasperreports | removed | package |
Связанные уязвимости
CVSS3: 9.8
ubuntu
5 месяцев назад
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library
CVSS3: 9.8
nvd
5 месяцев назад
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library
CVSS3: 9.8
github
5 месяцев назад
JasperReports has a Java deserialisation vulnerability