exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2013-4221

больше 12 лет назад

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.

CVSS2: 7.5

EPSS: Низкий

CVE-2013-4221

больше 12 лет назад

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.

CVSS2: 6.8

EPSS: Низкий

CVE-2013-4221

больше 12 лет назад

The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.

CVSS2: 7.5

EPSS: Низкий

CVE-2013-4221

больше 12 лет назад

The default configuration of the ObjectRepresentation class in Restlet ...

CVSS2: 7.5

EPSS: Низкий

GHSA-92j2-5r7p-6hjw

больше 3 лет назад

Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2013-4221 The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.	CVSS2: 7.5	2% Низкий	больше 12 лет назад
CVE-2013-4221 The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.	CVSS2: 6.8	2% Низкий	больше 12 лет назад
CVE-2013-4221 The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.	CVSS2: 7.5	2% Низкий	больше 12 лет назад
CVE-2013-4221 The default configuration of the ObjectRepresentation class in Restlet ...	CVSS2: 7.5	2% Низкий	больше 12 лет назад
GHSA-92j2-5r7p-6hjw Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML		2% Низкий	больше 3 лет назад

Уязвимостей на страницу