Lucene search
+L

6 matches found

SUSE CVE
SUSE CVE
added 2025/02/14 6:19 a.m.5 views

SUSE CVE-2023-38647

An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. This unbounded deserialization can likely lead to remote code execution. The code can be run...

9.8CVSS9.6AI score0.01515EPSS
Exploits0References3
Wolfi
Wolfi
added 2023/07/26 8:15 a.m.21 views

CVE-2023-38647 vulnerabilities

Vulnerabilities for packages: trino...

9.8CVSS6.8AI score0.01515EPSS
Exploits0
Chainguard
Chainguard
added 2023/07/26 8:15 a.m.15 views

CVE-2023-38647 vulnerabilities

Vulnerabilities for packages: trino...

9.8CVSS6.9AI score0.01515EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/07/26 7:52 a.m.14 views

CVE-2023-38647 Apache Helix: Deserialization vulnerability in Helix workflow and REST

An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. This unbounded deserialization can likely lead to remote code execution. The code can be run...

9.6AI score0.01515EPSS
Exploits0References1
CVE
CVE
added 2023/07/26 7:52 a.m.297 views

CVE-2023-38647

CVE-2023-38647 describes a deserialization vulnerability in Apache Helix workflow and REST where SnakeYAML can deserialize java.net.URLClassLoader to load a JAR from a URL, and then javax.script.ScriptEngineManager to execute code with that ClassLoader. This unbounded deserialization can likely l...

9.8CVSS9.6AI score0.01515EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/26 7:52 a.m.33 views

CVE-2023-38647 Apache Helix: Deserialization vulnerability in Helix workflow and REST

An attacker can use SnakeYAML to deserialize java.net.URLClassLoader and make it load a JAR from a specified URL, and then deserialize javax.script.ScriptEngineManager to load code using that ClassLoader. This unbounded deserialization can likely lead to remote code execution. The code can be run...

9.8AI score0.01515EPSS
Exploits0References1
Rows per page
Query Builder