15 matches found
GHSA-P953-3J66-HG45 vulnerabilities
Vulnerabilities for packages: spark-scala-2.13...
CVE-2024-23953 vulnerabilities
Vulnerabilities for packages: spark-scala-2.13...
IBM Engineering Requirements Management DOORS 9.7.2.x < 9.7.2.8 Multiple Vulnerabilities (7124058)
The version of IBM Engineering Requirements Management DOORS formerly IBM Rational DOORS installed on the remote host is 9.7.2.x prior to 9.7.2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the 7124058 advisory. - Apache Shiro before 1.9.1, A RegexRequestMatcher can b...
GHSA-Q6G2-G7F3-RR83 vulnerabilities
Vulnerabilities for packages: druid...
CVE-2023-1436 vulnerabilities
Vulnerabilities for packages: druid...
CVE-2023-1436 vulnerabilities
Vulnerabilities for packages: druid...
SUSE CVE-2022-36944
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...
GHSA-8QV5-68G4-248J vulnerabilities
Vulnerabilities for packages: spark-scala-2.13...
GHSA-8QV5-68G4-248J Scala subject to file deletion, code execution due to Java deserialization chain with LazyList object deserialization
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with LazyList object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make netwo...
CVE-2022-36944
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...
CVE-2022-36944 vulnerabilities
Vulnerabilities for packages: spark-fips...
CVE-2022-36944
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...
Deserialization of untrusted data
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...
CVE-2022-36944
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...
CVE-2022-36944
Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...