Lucene search
China National Vulnerability DatabaseCNVD-2022-14707HistoryJan 27, 2022 - 12:00 a.m.
Apache Karaf code issue vulnerability (CNVD-2022-14707)
2022-01-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
apache karaf
osgi container
code issue
vulnerability
insecure input validation
serialized data
remote attacker
arbitrary code
target system
EPSS
0.003
Percentile
70.2%
Apache Karaf is a lightweight OSGi (Java Dynamic Modular System) container for deploying applications and components from the Apache Foundation, U.S. A code issue vulnerability exists in Apache Karaf, which stems from insecure input validation when handling serialized data, and could be exploited by a remote attacker to pass specially crafted data to an application and execute arbitrary code on the target system.
Related
redhatcve
redhatcve
CVE-2021-41766
2022-01-26 14:41:55
prion
prion
Deserialization of untrusted data
2022-01-26 11:15:00
cvelist
cvelist
CVE-2021-41766 Insecure Java Deserialization in Apache Karaf
2022-01-26 11:10:11
nvd
nvd
CVE-2021-41766
2022-01-26 11:15:08
osv
osv
CVE-2021-41766
2022-01-26 11:15:08
Insecure Java Deserialization in Apache Karaf
2022-01-28 22:24:48
cve
cve
CVE-2021-41766
2022-01-26 11:15:08
veracode
veracode
Deserialization Of Untrusted Object
2022-01-27 10:31:53
github
github
Insecure Java Deserialization in Apache Karaf
2022-01-28 22:24:48
redhat
redhat
(RHSA-2022:5532) Important: Red Hat Fuse 7.11.0 release and security update
2022-07-07 14:16:35