Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2017-15095
- EPSS 7.41%
- Veröffentlicht 06.02.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:14:03
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMappe...
9.8
CVE-2017-7525
- EPSS 77.34%
- Veröffentlicht 06.02.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:32:04
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the Obj...
6.2
CVE-2017-15707
- EPSS 2.48%
- Veröffentlicht 01.12.2017 16:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
1