Количество 3
Количество 3
CVE-2017-15089
It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.
CVE-2017-15089
It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.
GHSA-46r5-59fg-2fjc
Deserialization of Untrusted Data in Infinispan
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-15089 It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks. | CVSS3: 8 | 4% Низкий | почти 8 лет назад |
 | CVE-2017-15089 It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks. | CVSS3: 8.8 | 4% Низкий | почти 8 лет назад |
| GHSA-46r5-59fg-2fjc Deserialization of Untrusted Data in Infinispan | CVSS3: 8.8 | 4% Низкий | больше 3 лет назад |
Уязвимостей на страницу