Lucene search
GoogleOSV:GHSA-H892-X453-86WCHistoryMay 13, 2022 - 1:19 a.m.
Pippo RCE Vulnerability
2022-05-1301:19:33
Google
osv.dev
3
0.003 Low
EPSS
Percentile
69.9%
Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream’s available protection mechanisms to restrict unmarshalling.
Related
prion
prion
Remote code execution
2018-10-11 07:29:00
veracode
veracode
Remote Code Execution (RCE)
2018-10-12 02:29:46
osv
osv
CVE-2018-18240
2018-10-11 07:29:00
cvelist
cvelist
CVE-2018-18240
2022-10-03 16:22:04
nvd
nvd
CVE-2018-18240
2018-10-11 07:29:00
github
github
Pippo RCE Vulnerability
2022-05-13 01:19:33
cve
cve
CVE-2018-18240
2022-10-03 16:22:04