Lucene search

K
prionPRIOn knowledge basePRION:CVE-2020-24164
HistorySep 11, 2020 - 6:15 a.m.

Deserialization of untrusted data

2020-09-1106:15:00
PRIOn knowledge base
www.prio-n.com
7

0.001 Low

EPSS

Percentile

28.6%

A deserialization flaw is present in Taoensso Nippy before 2.14.2. In some circumstances, it is possible for an attacker to create a malicious payload that, when deserialized, will allow arbitrary code to be executed. This occurs because there is automatic use of the Java Serializable interface.

CPENameOperatorVersion
nippylt2.14.2

0.001 Low

EPSS

Percentile

28.6%

Related for PRION:CVE-2020-24164