DoS (Denial of Service) org.clojure:clojure Dependency in Confluence Data Center and Server

This High severity org.clojure:clojure Dependency vulnerability was introduced in versions 6.0.0 of Confluence Data Center and Server. This org.clojure:clojure Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

SUSE CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service DoS via the clojure.core$partial$fn5920 function...

PT-2024-6047 · Atlassian +2 · Confluence +2

Name of the Vulnerable Software and Affected Versions: Clojure versions 1.12.0-alpha5 through 1.20 Clojure versions 1.7.0 through 1.11.1 Description: The issue is related to the deserialization of untrusted data, which can allow an attacker to cause a denial of service DoS via the...

au.com.permeance:liferay-clojure-integration (=0.1), ch.cern:entwined-stm (>=1.0.0 <=1.0.1) +458 more potentially affected by CVE-2017-20189 via org.clojure:clojure (>=1.0.0 <=1.9.0-beta3)

org.clojure:clojure MAVEN version =1.0.0, =1.0.0, =1.0.0-RELEASE, =0.0.3, =1.0.0, =0.1.0, =8.4.0, =0.1.0, =0.0.3, =1.9.921, =0.0.1, =0.3.3 and more Source cves: CVE-2017-20189 Source advisory: OSV:GHSA-JGXC-8MWQ-9XQW...

CVE-2017-20189

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...

au.com.permeance:liferay-clojure-integration (=0.1), ch.cern:entwined-stm (>=1.0.0 <=1.0.1) +329 more potentially affected by CVE-2017-20189 via org.clojure:clojure (>=1.2.0 <=1.9.0-beta3)

org.clojure:clojure MAVEN version =1.2.0, =1.0.0, =1.0.0-RELEASE, =1.0.0, =0.1.0, =8.4.0, =0.1.0, =0.0.3, =1.9.921, =0.0.1, =0.0.1, =0.2.2 and more Source cves: CVE-2017-20189 Source advisory: SNYK:JAVA-ORGCLOJURE-5740378...