Lucene search
Flamingo Amf-serializer Security Vulnerabilities
cve
The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0 derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RM...
8.1CVSS
8.6AI Score
0.073EPSS
2018-06-11 05:29 PM
26