4 matches found
CVE-2023-37895
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to including 2.20.10 stable branch and 2.21.17 unstable branch use the component "commons-beanutils", which contains a class that can be used for remote...
CVE-2023-37895
creationtimestamp| type| source ---|---|--- 2023-07-25 18:27:02+00:00| seen| https://t.me/cibsecurity/67247 2023-09-09 12:36:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8992 2023-09-24 08:35:03+00:00| published-proof-of-concept| https://t.me/CNArsenal/1092...
CVE-2023-37895
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to including 2.20.10 stable branch and 2.21.17 unstable branch use the component "commons-beanutils", which contains a class that can be used for remote...
CVE-2023-37895
Summary: CVE-2023-37895 affects Apache Jackrabbit Webapp/Standalone via an unsafe deserialization in the commons-beanutils component, enabling remote code execution over RMI. Affected RMIs include versions up to 2.20.10 (stable) and 2.21.17 (unstable). Impact: potential remote code execution with...