Описание
Solon vulnerable to deserialization of untrusted data
A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload.
Пакеты
Наименование
org.noear:solon
maven
Затронутые версииВерсия исправления
< 2.3.3
2.3.3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 2 лет назад
A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload.