2 matches found
CVE-2014-9515
Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object...
cn.123tool.chen:commons (=1.0.0), cn.acooly:acooly-auth-google-authenticator (=5.2.1) +681 more potentially affected by CVE-2014-9515 via net.sf.dozer:dozer (>=4.0 <=5.5.1)
net.sf.dozer:dozer MAVEN version =4.0, =1.0.0, =2.1.0 and more Source cves: CVE-2014-9515 Source advisory: SNYK:JAVA-NETSFDOZER-15338467...