CVE-2020-17532

🗓️ 25 Jan 2021 09:25:14Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 59 Views

Apache ServiceComb-Java-Chassis 2.0.0 to 2.1.3 allows arbitrary code execution

Reporter	Title	Published	Views	Family All 10
CNNVD	Apache Servicecomb Java Chassis 代码问题漏洞	25 Jan 202100:00	–	cnnvd
CNVD	Apache Servicecomb Java Chassis Input Validation Error Vulnerability	28 Jan 202100:00	–	cnvd
Cvelist	CVE-2020-17532 Apache ServiceComb Yaml remote deserialization vulnerability	25 Jan 202109:25	–	cvelist
EUVD	EUVD-2022-1140	3 Oct 202520:07	–	euvd
Github Security Blog	Arbitrary code execution in Apache ServiceComb java-chassis	9 Feb 202222:19	–	github
NVD	CVE-2020-17532	25 Jan 202110:16	–	nvd
OSV	GHSA-PX4W-RCV2-6X8X Arbitrary code execution in Apache ServiceComb java-chassis	9 Feb 202222:19	–	osv
Prion	Code injection	25 Jan 202110:16	–	prion
RedhatCVE	CVE-2020-17532	9 Jan 202609:48	–	redhatcve
Veracode	Arbitrary Code Execution	26 Jan 202105:09	–	veracode

NVD

Vulners

Node

apache java_chassisRange2.0.0–2.1.5

[
  {
    "product": "Apache ServiceComb-Java-Chassis",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "Apache ServiceComb-Java-Chassis 2.x 2.0.0 to 2.1.3"
      }
    ]
  }
]

Source	Link
seclists	www.seclists.org/oss-sec/2021/q1/60
issues	www.issues.apache.org/jira/browse/SCB-2145

21 Nov 2024 05:08Current

8.9High risk

Vulners AI Score8.9

CVSS 26

CVSS 3.18.8

EPSS0.02854