4 matches found
br.com.ingenieux:jbake-maven-plugin (>=0.0.3 <=0.0.9), br.com.jarch:jarch-apt (>=20.3.0 <=25.12.0) +450 more potentially affected by CVE-2016-10750 via com.hazelcast:hazelcast (>=1.7 <=3.10.7)
com.hazelcast:hazelcast MAVEN version =1.7, =0.0.3, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =1.0.0, =1.0.0-final, =1.1.0-final and more Source cves: CVE-2016-10750 Source advisory: OSV:GHSA-JV65-PF7V-F7P8...
JFrog < 7.11.1 Multiple Vulnerabilities
According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior to 7.11.1. It is, therefore, affected by multiple vulnerabilities: - A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This...
CVE-2016-10750
In Hazelcast before 3.11, the cluster join procedure is vulnerable to remote code execution via Java deserialization. If an attacker can reach a listening Hazelcast instance with a crafted JoinRequest, and vulnerable classes exist in the classpath, the attacker can run arbitrary code...
CVE-2016-10750
CVE-2016-10750 is a Java deserialization RCE vulnerability in Hazelcast used by Atlassian Confluence Data Center when running in a clustered configuration. A remote, unauthenticated attacker can exploit the issue by sending a crafted JoinRequest to a Hazelcast instance listening on the cluster po...