Описание
Akka Java Serialization vulnerability
Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem.
Пакеты
Наименование
com.typesafe.akka:akka-actor
maven
Затронутые версииВерсия исправления
< 2.4.17
2.4.17
Связанные уязвимости
CVSS3: 7.5
redhat
почти 9 лет назад
Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem.
CVSS3: 8.1
nvd
больше 8 лет назад
Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem.