Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:54 a.m.9 views

CVE-2024-42323

SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat incubating. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat incubating: before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue...

8.8CVSS6.8AI score0.04054EPSS
Exploits0
Circl
Circl
added 2024/09/21 1:18 p.m.6 views

CVE-2024-42323

creationtimestamp| type| source ---|---|--- 2024-09-21 13:18:31+00:00| seen| https://t.me/cvedetector/6141...

8.8CVSS4.8AI score0.04054EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/21 9:30 a.m.23 views

CVE-2024-42323 Apache HertzBeat: RCE by snakeYaml deser load malicious xml

SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat incubating. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat incubating: before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue...

6.9AI score0.04054EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/21 9:30 a.m.18 views

CVE-2024-42323 Apache HertzBeat: RCE by snakeYaml deser load malicious xml

SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat incubating. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat incubating: before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue...

0.04054EPSS
Exploits0References2
CVE
CVE
added 2024/09/21 9:30 a.m.72 views

CVE-2024-42323

Apache HertzBeat (incubating) before version 1.6.0 is affected by a SnakeYAML deserialization vulnerability that enables remote code execution. The issue stems from insecure deserialization of YAML/XML data and is exploitable by authorized attackers. Upgrade to 1.6.0 to fix the issue.

8.8CVSS8.7AI score0.04054EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder