11 matches found
EUVD-2023-2318
Malicious code in bioql PyPI...
CVE-2023-36480
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480 Aerospike Java Client vulnerable to unsafe deserialization of server responses
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480 Aerospike Java Client vulnerable to unsafe deserialization of server responses
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480 Aerospike Java Client vulnerable to unsafe deserialization of server responses
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
CVE-2023-36480
CVE-2023-36480 affects the Aerospike Java Client. The vulnerability arises from unsafe deserialization of server-provided data: messages may contain Java objects that the client deserializes via JBLOB payloads using Java’s ObjectInputStream, without sufficient validation. This can lead to Remote ...
Deserialization of Untrusted Data
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it encounters them...
GHSA-JJ95-55CR-9597 Aerospike Java Client vulnerable to unsafe deserialization of server responses
GitHub Security Lab GHSL Vulnerability Report: GHSL-2023-044 The GitHub Security Lab team has identified a potential security vulnerability in Aerospike Java Client. We are committed to working with you to help resolve this issue. In this report you will find everything you need to effectively...
Aerospike Java Client vulnerable to unsafe deserialization of server responses
GitHub Security Lab GHSL Vulnerability Report: GHSL-2023-044 The GitHub Security Lab team has identified a potential security vulnerability in Aerospike Java Client. We are committed to working with you to help resolve this issue. In this report you will find everything you need to effectively...
PT-2023-4283 · Aerospike · Aerospike Java Client
Name of the Vulnerable Software and Affected Versions: Aerospike Java Client versions prior to 7.0.0 Aerospike Java Client versions prior to 6.2.0 Aerospike Java Client versions prior to 5.2.0 Aerospike Java Client versions prior to 4.5.0 Description: The Aerospike Java client has a vulnerability...