osv | Google | OSV:GHSA-W39X-CHVM-PJ3C
History: May 03, 2022 - 12:00 a.m.

Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console

2022-05-03 00:00:44
Google
osv.dev
deserialization
remote code execution
com.bstek.ureport
arbitrary file read
malicious database server
local gadgets
vulnerable software

EPSS: 0.003
Percentile: 71.8%

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets.
