2 matches found
EUVD-2025-210362
The default JVM can access files and directories under /tmp/ including the $TemporaryDirectory of other users on the same cloud instance /tmp/UserTemporaryFiles/. The -init file for the the JVM initialization exists in the vulnerable directory during the startup of the JVM. An attacker with acces...
Remote Code Execution (RCE)
SnakeYaml is vulnerable to Remote Code Execution RCE. The vulnerability is due to deserializing unrestricted types in the Constructor method leading to Remote Code execution through classpath injection...