9 matches found
EUVD-2025-4892
Malicious code in bioql PyPI...
Remote Code Execution (RCE)
Apache Ignite is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper deserialization due to the configured Class Serialization Filters being ignored for some Ignite endpoints, allowing an attacker to send a maliciously crafted message that executes arbitrary code on the...
CVE-2024-52577
A flaw was found in Apache Ignite. This vulnerability allows remote code execution via specially crafted Ignite messages that bypass Class Serialization Filters. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Securit...
GHSA-8355-XJ3P-HV6Q Apache Ignite: Possible RCE when deserializing incoming messages by the server node
In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...
CVE-2024-52577
In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...
CVE-2024-52577
In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...
CVE-2024-52577 Apache Ignite: Possible RCE when deserializing incoming messages by the server node
In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...
CVE-2024-52577 Apache Ignite: Possible RCE when deserializing incoming messages by the server node
In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an attacker manually crafts an Ignite message containing a vulnerable object whose class is present in the Ignite server...
CVE-2024-52577
CVE-2024-52577 concerns Apache Ignite: versions 2.6.0 through