3 matches found
HPESBNW05022 rev.1 - HPE Telco Intelligent Assurance, Improper Control of Generation of Code vulnerability
Potential Security Impact: Local: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Telco Intelligent Assurance 4.2.14 - FAS and PDO 4.2.14 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2025-33042 |...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path during schema parsing. Although loading untrusted classes is no longer vulnerable via this vector as of version 1.15.1, by default an attacker who can control a trusted class can execute arbitrary...
OESA-2024-1915 avro security update
Apache Avro is a data serialization system. Security Fixes: When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up...