10 matches found
EUVD-2021-2180
Malware in sbrugna...
CVE-2021-41616
Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure and used...
K14234227: Apache DB DdlUtils vulnerability CVE-2021-41616
Security Advisory Description Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure an...
Apache DB DdlUtils code issue vulnerability
Apache DB DdlUtils is a small, easy-to-use component from the Apache Foundation for working with database definition DDL files.A code issue vulnerability exists in Apache DB DdlUtils 1.0, which stems from an insecure BinaryObjectsHelper class that uses ObjectInputStream.readObject when failing to...
CVE-2021-41616
Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure and used...
CVE-2021-41616
Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure and used...
CVE-2021-41616 Apache ddlutils 1.0 readobject vulnerability
Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure and used...
CVE-2021-41616
CVE-2021-41616 concerns Apache DB DdlUtils 1.0, where the BinaryObjectsHelper deserializes data via ObjectInputStream.readObject without validating input. This insecure deserialization could lead to arbitrary code execution. Multiple sources (NVD, OSV, CNVD) describe the root cause as the untrust...
CVE-2021-41616 Apache ddlutils 1.0 readobject vulnerability
Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure and used...
Apache DB DdlUtils 代码问题漏洞
Apache DB DdlUtils is a small, easy-to-use component from the Apache Foundation for working with database definition DDL files.A code issue vulnerability exists in Apache DB DdlUtils 1.0, which stems from an insecure BinaryObjectsHelper class that uses ObjectInputStream.readObject when failing to...