GHSA-WXX5-W9JC-48WX Pebble Templates protection mechanism bypass can lead to arbitrary code execution

Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok...

Pebble Templates protection mechanism bypass can lead to arbitrary code execution

Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok...

CVE-2022-37767

Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating engine is intended to include arbitrary Java code, and thus either the input should not arrive from...

PT-2022-24057 · Unknown · Pebble Templates

Name of the Vulnerable Software and Affected Versions: Pebble Templates version 3.1.5 Description: The issue allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. It is noted that the vendor disputes this, as input to the Pebble templating engine...

Pebble Templates 安全漏洞

Pebble Templates is a Java template engine. A security vulnerability exists in Pebble Templates version 3.1.5 that allows an attacker to bypass protection mechanisms and achieve arbitrary code execution using springbok...

CVE-2022-37767

Pebble Templates 3.1.5 is described as vulnerable to bypassing a protection mechanism that could enable arbitrary code execution via springbok. The root cause cited by multiple sources is improper validation/handling of allowed methods (e.g., BlacklistMethodAccessValidator) within the templating ...

CVE-2022-37767

Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating engine is intended to include arbitrary Java code, and thus either the input should not arrive from...