exploitDog

CVE-2025-9121

Опубликовано: 15 дек. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

Ссылки

https://support.pentaho.com/hc/en-us/articles/41832536185613--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Deserialization-of-Untrusted-Data-Versions-before-10-2-0-4-Impacted-CVE-2025-9121

EPSS

Процентиль: 21%

0.00069

Низкий

8.8 High

CVSS3

Дефекты

CWE-502

Связанные уязвимости

GHSA-q8c7-8xpv-64vr

CVSS3: 8.8

github

около 2 месяцев назад

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

EPSS

Процентиль: 21%

0.00069

Низкий

8.8 High

CVSS3

Дефекты

CWE-502