7 matches found
Pebble Templates protection mechanism bypass can lead to arbitrary code execution
Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok...
GHSA-WXX5-W9JC-48WX Pebble Templates protection mechanism bypass can lead to arbitrary code execution
Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok...
CVE-2022-37767
Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating engine is intended to include arbitrary Java code, and thus either the input should not arrive from...
Pebble Templates 安全漏洞
Pebble Templates is a Java template engine. A security vulnerability exists in Pebble Templates version 3.1.5 that allows an attacker to bypass protection mechanisms and achieve arbitrary code execution using springbok...
PT-2022-24057 · Unknown · Pebble Templates
Name of the Vulnerable Software and Affected Versions: Pebble Templates version 3.1.5 Description: The issue allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. It is noted that the vendor disputes this, as input to the Pebble templating engine...
CVE-2022-37767
Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating engine is intended to include arbitrary Java code, and thus either the input should not arrive from...
CVE-2022-37767
Pebble Templates 3.1.5 is described as vulnerable to bypassing a protection mechanism that could enable arbitrary code execution via springbok. The root cause cited by multiple sources is improper validation/handling of allowed methods (e.g., BlacklistMethodAccessValidator) within the templating ...