4 matches found
Oracle GoldenGate (Oct 2022 CPU)
The version of GoldenGate installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in Oracle GoldenGate component: Oracle GoldenGate Microservices Dell BSAFE Micro Edition Suite. The supported version that is affected is...
com.ancientlightstudios:simplegen (>=1.0.2 <=1.0.8), com.ancientlightstudios:simplegen-maven-plugin (>=1.0.2 <=1.0.8) +26 more potentially affected by CVE-2018-18893 via com.hubspot.jinjava:jinjava (>=1.0.3 <=2.4.12)
com.hubspot.jinjava:jinjava MAVEN version =1.0.3, =1.0.2, =1.0.2, =0.1.0, =2.5.5, =0.4.2, =0.1.0, =1.45.0, =1.70.0 and more Source cves: CVE-2018-18893 Source advisory: OSV:GHSA-45R8-3495-X6RM...
CVE-2018-18893
Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java...
CVE-2018-18893
CVE-2018-18893 affects Jinjava up to version 2.4.5; the vulnerability arises because JinjavaBeanELResolver does not block getClass, enabling potential attacker-controlled object types to influence evaluation. Public references (GHSA, OSV, Veracode) describe risks of remote code execution or arbit...