Lucene search
China National Vulnerability DatabaseCNVD-2022-01778HistoryOct 14, 2021 - 12:00 a.m.
Apache DB DdlUtils code issue vulnerability
2021-10-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.218 Low
EPSS
Percentile
96.5%
Apache DB DdlUtils is a small, easy-to-use component from the Apache Foundation for working with database definition (DDL) files.A code issue vulnerability exists in Apache DB DdlUtils 1.0, which stems from an insecure BinaryObjectsHelper class that uses ObjectInputStream.readObject when failing to verify that input data can be safely deserialized. An attacker could exploit the vulnerability to cause remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache apache db ddlutils | eq | 1.0 |
Related
cve
cve
CVE-2021-41616
2021-09-30 08:15:06
osv
osv
CVE-2021-41616
2021-09-30 08:15:06
Deserialization of Untrusted Data in org.apache.ddlutils:ddlutils
2021-10-04 20:12:30
cvelist
cvelist
CVE-2021-41616 Apache ddlutils 1.0 readobject vulnerability
2021-09-30 07:55:11
nvd
nvd
CVE-2021-41616
2021-09-30 08:15:06
f5
f5
K14234227 : Apache DB DdlUtils vulnerability CVE-2021-41616
2021-11-15 00:00:00
prion
prion
Design/Logic Flaw
2021-09-30 08:15:00
github
github
Deserialization of Untrusted Data in org.apache.ddlutils:ddlutils
2021-10-04 20:12:30
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00