Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:9 p.m.5 views

CVE-2018-18240

Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling...

9.8CVSS7.8AI score0.03653EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/05/13 1:19 a.m.7 views

com.gitblit.fathom:fathom-integration-test (>=0.5.0 <=1.0.1), com.gitblit.fathom:fathom-mailer (>=0.5.0 <=1.0.1) +72 more potentially affected by CVE-2018-18240 via ro.pippo:pippo-core (>=0.4.0 <=1.11.0)

ro.pippo:pippo-core MAVEN version =0.4.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.2, =0.8.1, =0.8.4, =0.8.0, =0.8.0, =0.2.3, =0.4.0, =0.4.0, =1.11.0 and more Source cves: CVE-2018-18240 Source advisory: OSV:GHSA-H892-X453-86WC...

9.8CVSS7.7AI score0.03653EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/13 1:19 a.m.6 views

ro.pippo:pippo-demo-session (>=0.4.0 <=0.6.1), ro.pippo:pippo-session-cookie (>=0.4.0 <=1.11.0) +10 more potentially affected by CVE-2018-18240 via ro.pippo:pippo-session (>=0.4.0 <=1.11.0)

ro.pippo:pippo-session MAVEN version =0.4.0, =0.4.0, =0.4.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =1.11.0 Source cves: CVE-2018-18240 Source advisory: OSV:GHSA-H892-X453-86WC...

9.8CVSS7.7AI score0.03653EPSS
Exploits1
OSV
OSV
added 2018/10/11 7:29 a.m.82 views

CVE-2018-18240

Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling...

9.8CVSS7.8AI score
Exploits0References1
CVE
CVE
added 2018/10/11 7:0 a.m.323 views

CVE-2018-18240

Pippo up to version 1.11.0 is vulnerable to remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream’s available protection mechanisms to restrict unmarshalling.

9.8CVSS9.8AI score0.03653EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder