Lucene search
K

10 matches found

NVD
NVD
added 2025/12/30 6:15 a.m.5 views

CVE-2025-15222

A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high...

5CVSS0.0022EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/30 5:32 a.m.4 views

CVE-2025-15222 Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.readObject deserialization

A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high...

5CVSS6.3AI score0.0022EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/30 5:32 a.m.3 views

EUVD-2025-205687

A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high...

5CVSS5AI score0.0022EPSS
Exploits0References5
CVE
CVE
added 2025/12/30 5:32 a.m.10 views

CVE-2025-15222

CVE-2025-15222 affects Dromara Sa-Token up to 1.44.0. The vulnerability is a deserialization flaw in ObjectInputStream.readObject within SaSerializerTemplateForJdkUseBase64.java, enabling remote manipulation with high complexity and publicly disclosed exploit. Multiple connected sources (Red Hat,...

5CVSS6.3AI score0.0022EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.3 views

PT-2025-53845

Name of the Vulnerable Software and Affected Versions Dromara Sa-Token versions prior to 1.45.0 Description A flaw exists in Dromara Sa-Token up to version 1.44.0 related to deserialization. The issue is located in the ObjectInputStream.readObject function within the...

5CVSS6.1AI score0.0022EPSS
Exploits0References6
NVD
NVD
added 2025/12/28 3:15 a.m.13 views

CVE-2025-15117

A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is...

3.1CVSS0.00271EPSS
Exploits0References4
CVE
CVE
added 2025/12/28 2:32 a.m.11 views

CVE-2025-15117

CVE-2025-15117 affects Dromara Sa-Token up to 1.44.0. The flaw is in SaJdkSerializer.java, specifically ObjectInputStream.readObject, enabling a deserialization attack. The description notes remote-launch potential with high attack complexity and difficult exploitability. Multiple sources corrobo...

3.1CVSS6.3AI score0.00271EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/28 2:32 a.m.5 views

EUVD-2025-205488

A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is...

3.1CVSS6.2AI score0.00271EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/28 2:32 a.m.28 views

CVE-2025-15117 Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization

A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is...

3.1CVSS0.00271EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.4 views

PT-2025-53632

Name of the Vulnerable Software and Affected Versions Dromara Sa-Token versions up to 1.44.0 Description A weakness exists in Dromara Sa-Token up to version 1.44.0 related to deserialization. The issue affects the ObjectInputStream.readObject function within the SaJdkSerializer.java file...

3.1CVSS6.2AI score0.00271EPSS
Exploits0References9
Rows per page
Query Builder