CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

Design/Logic Flaw

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

UBUNTU-CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

Clojure Security Vulnerabilities

Clojure is a programming language open-sourced by Clojure. A security vulnerability exists in Clojure versions 1.20 through 1.12.0-alpha5. An attacker can exploit this vulnerability to cause a denial of service via the clojure.core$partial$fn5920 function...

CVE-2024-22871

CVE-2024-22871 affects IBM Cognos Analytics (11.2.x FP4 and 12.0.x) via a DoS in Clojure’s clojure.core$partial$fn__5920 function. The IBM Security Bulletin enumerates vulnerable products/versions and links remediation: upgrade to Cognos Analytics 12.0.4 or 11.2.4 FP5. The CVSS-based impact is HI...

CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

PT-2024-6047 · Atlassian +2 · Confluence +2

Name of the Vulnerable Software and Affected Versions: Clojure versions 1.12.0-alpha5 through 1.20 Clojure versions 1.7.0 through 1.11.1 Description: The issue is related to the deserialization of untrusted data, which can allow an attacker to cause a denial of service DoS via the...

LRS Security Vulnerabilities

LRS is a protocol, specification, and logic for building xAPI Learning Record Stores LRS in ClojureScript open source by Yet Analytics. A security vulnerability exists in LRS versions prior to 1.2.17. An attacker exploits this vulnerability to execute script or other markup injections in a browse...

Arbitrary Code Execution

clojure is vulnerable to Arbitrary Code Execution. The vulnerability is due to the server deserializing untrusted objects. Classes can be used to construct serialized object which executes arbitrary code upon deserialization...

au.com.permeance:liferay-clojure-integration (=0.1), ch.cern:entwined-stm (>=1.0.0 <=1.0.1) +458 more potentially affected by CVE-2017-20189 via org.clojure:clojure (>=1.0.0 <=1.9.0-beta3)

org.clojure:clojure MAVEN version =1.0.0, =1.0.0, =1.0.0-RELEASE, =0.0.3, =1.0.0, =0.1.0, =8.4.0, =0.1.0, =0.0.3, =1.9.921, =0.0.1, =0.3.3 and more Source cves: CVE-2017-20189 Source advisory: OSV:GHSA-JGXC-8MWQ-9XQW...

Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...

GHSA-JGXC-8MWQ-9XQW Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...

DEBIAN-CVE-2017-20189

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...

CVE-2017-20189

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...

Deserialization of untrusted data

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...