Lucene search

K
osvGoogleOSV:GHSA-J7JM-8GF5-FRCM
HistoryMar 07, 2024 - 6:30 a.m.

nGrinder vulnerable to unsafe Java objects deserialization

2024-03-0706:30:31
Google
osv.dev
4
ngrinder
vulnerability
java deserialization
remote code execution

8.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.

8.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for OSV:GHSA-J7JM-8GF5-FRCM