3 matches found
cn.dev33:sa-token-dao-redisx (>=1.30.0 <=1.30.0.RC), cn.dev33:sa-token-solon-plugin (>=1.20.0 <=1.35.0.RC) +442 more potentially affected by CVE-2023-35839 via org.noear:solon (>=1.0.10 <=2.3.3-M3)
org.noear:solon MAVEN version =1.0.10, =1.30.0, =1.20.0, =1, =1, =1, =4.1.0, =1.5.29, =1.0.0, =1.0.0, =3.2.0, =1.0.8, =3.0.0-M6, =1.0.9, =1.7.3 and more Source cves: CVE-2023-35839 Source advisory: OSV:GHSA-7Q8C-49F4-4C8Q...
CVE-2023-35839
Summary: CVE-2023-35839 affects Solon before v2.3.3 due to a bypass in the sofa-hessian component that allows arbitrary code execution when processing a crafted payload. Affected software: Solon (Java) with the sofa-hessian component, prior to version 2.3.3. Root cause / vulnerability detail: A b...
CVE-2023-35839
A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload...