For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

bugzilla.redhat.com/show_bug.cgi?id=2150009

errata.rockylinux.org/RLSA-2022:9058

cve 2

hackerone 1

ibm 49

atlassian 3

f5 1

cgr 1

nessus 25

oraclelinux 1

redhatcve 1

ubuntucve 1

github 2

githubexploit 1

prion 2

debiancve 1

osv 6

redos 1

cvelist 2

rocky 2

veracode 1

redhat 29

almalinux 1

nvd 2

thn 2

rapid7blog 1

zdt 1

packetstorm 1

metasploit 1

hivepro 1

qualysblog 5

oracle 5

cve

CVE-2022-1471

2022-12-01 11:15:10

CVE-2023-46302

2023-11-20 09:15:07

hackerone

Kubernetes: The `io.kubernetes.client.util.generic.dynamic.Dynamics` contains a code execution vulnerability due to SnakeYAML

2022-12-15 19:07:04

ibm

Security Bulletin: IBM Db2 Web Query for i is vulnerable to arbitrary code execution due to SnakeYaml [CVE-2022-1471]

2023-07-19 20:29:29

Security Bulletin: Vulnerability in SnakeYaml affects IBM Process Mining . CVE-2022-1471

2023-05-05 14:58:52

Security Bulletin: SnakeYaml is vulnerable to CVE-2022-1471 used by IBM Maximo Application Suite

2023-06-21 13:40:56

atlassian

RCE (Remote Code Execution) in - CVE-2022-1471

2023-10-08 08:44:33

RCE (Remote Code Execution) in Bitbucket Data Center and Server - CVE-2022-1471

2023-09-19 20:41:22

RCE (Remote Code Execution) in Confluence Data Center and Server - CVE-2022-1471

2023-09-11 21:13:51

K000132638 : SnakeYAML vulnerability CVE-2022-1471

2023-02-16 00:00:00

cgr

CVE-2022-1471 vulnerabilities

2024-04-30 09:06:13

nessus

Rocky Linux 8 : prometheus-jmx-exporter (RLSA-2022:9058)

2023-01-30 00:00:00

AlmaLinux 8 : prometheus-jmx-exporter (ALSA-2022:9058)

2022-12-16 00:00:00

Atlassian Jira Service Management Data Center and Server 5.0.x < 5.4.14 / 5.5.x < 5.11.2 / 5.12.0 (JSDSERVER-14906)

2023-12-13 00:00:00

oraclelinux

prometheus-jmx-exporter security update

2022-12-15 00:00:00

redhatcve

CVE-2022-1471

2022-12-01 15:56:23

ubuntucve

CVE-2022-1471

2022-12-01 00:00:00

github

SnakeYaml Constructor Deserialization Remote Code Execution

2022-12-12 21:19:47

Deserialization of Untrusted Data in apache-submarine

2023-11-20 09:30:31

githubexploit

Exploit for Deserialization of Untrusted Data in Snakeyaml Project Snakeyaml

2023-03-02 16:33:02

prion

Deserialization of untrusted data

2022-12-01 11:15:00

Design/Logic Flaw

2023-11-20 09:15:00

debiancve

CVE-2022-1471

2022-12-01 11:15:10

osv

CVE-2022-1471

2022-12-01 11:15:10

SnakeYaml Constructor Deserialization Remote Code Execution

2022-12-12 21:19:47

Important: prometheus-jmx-exporter security update

2022-12-15 00:00:00

redos

ROS-20240514-03

2024-05-14 00:00:00

cvelist

CVE-2022-1471 Remote Code execution in SnakeYAML

2022-12-01 10:47:07

CVE-2023-46302 Apache Submarine: Fix CVE-2022-1471 SnakeYaml unsafe deserialization

2023-11-20 08:46:56

rocky

prometheus-jmx-exporter security update

2022-12-15 15:08:09

Satellite 6.13 Release

2023-05-05 15:39:58

veracode

Remote Code Execution (RCE)

2022-12-02 17:22:00

redhat

(RHSA-2022:9058) Important: prometheus-jmx-exporter security update

2022-12-15 15:08:09

(RHSA-2023:0697) Important: OpenShift Container Platform 4.10.52 security update

2023-02-15 15:39:07

(RHSA-2022:9032) Important: Red Hat build of Eclipse Vert.x 4.3.4 security update

2022-12-15 12:38:08

almalinux

Important: prometheus-jmx-exporter security update

2022-12-15 00:00:00

nvd

CVE-2022-1471

2022-12-01 11:15:10

CVE-2023-46302

2023-11-20 09:15:07

thn

Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch

2023-10-03 16:24:00

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

2023-12-06 09:18:00

rapid7blog

Metasploit Weekly Wrap-Up

2023-10-13 17:03:36

zdt

PyTorch Model Server Registration / Deserialization Remote Code Execution Exploit

2023-10-15 00:00:00

packetstorm

PyTorch Model Server Registration / Deserialization Remote Code Execution

2023-10-13 00:00:00

metasploit

PyTorch Model Server Registration and Deserialization RCE

2023-10-12 13:27:26

hivepro

Atlassian Addresses Critical RCE Flaws

2023-12-07 12:45:52

qualysblog

Oracle Patch Update, April 2024 Security Update Review

2024-04-17 14:39:59

Oracle Patch Update, January 2024 Security Update Review

2024-01-17 15:29:33

Oracle Patch Tuesday April 2023 Security Update Review

2023-04-19 11:47:21

oracle

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Oracle Critical Patch Update Advisory - July 2023

2023-07-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for OSV:RLSA-2022:9058