CVE-2017-20189

creationtimestamp| type| source ---|---|--- 2024-01-22 07:31:58+00:00| seen| https://t.me/ctinow/171006 2024-01-31 03:16:25+00:00| seen| https://t.me/ctinow/176438 2024-02-16 08:46:07+00:00| seen| https://t.me/ctinow/186181...

CVE-2017-20189

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...

CVE-2017-20189

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects...

CVE-2017-20189

CVE-2017-20189 is a deserialization flaw in Clojure prior to 1.9.0 that allows remote attackers to execute arbitrary code when untrusted serialized objects are deserialized on the server. Public details in connected docs confirm affected Clojure versions (including 1.7.x–1.11.x and 1.12.0-alpha5 ...

au.com.permeance:liferay-clojure-integration (=0.1), ch.cern:entwined-stm (>=1.0.0 <=1.0.1) +329 more potentially affected by CVE-2017-20189 via org.clojure:clojure (>=1.2.0 <=1.9.0-beta3)

org.clojure:clojure MAVEN version =1.2.0, =1.0.0, =1.0.0-RELEASE, =1.0.0, =0.1.0, =8.4.0, =0.1.0, =0.0.3, =1.9.921, =0.0.1, =0.0.1, =0.2.2 and more Source cves: CVE-2017-20189 Source advisory: SNYK:JAVA-ORGCLOJURE-5740378...