4 matches found
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.42.0.2), ai.h2o:h2o-algos (>=3.10.5.1 <=3.42.0.2) +51 more potentially affected by CVE-2023-39013 via no.priv.garshol.duke:duke (=1.2)
no.priv.garshol.duke:duke MAVEN version =1.2 is affected by a known vulnerability. The following packages have a transitive dependency on no.priv.garshol.duke:duke and may be impacted: - ai.h2o:h2o-admissibleml =3.34.0.1, =3.10.5.1, =3.10.5.1, =3.12.0.1, =3.10.5.1, =3.10.5.1, =3.14.0.7, =3.16.0.1...
CVE-2023-39013
Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init...
CVE-2023-39013
Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init...
CVE-2023-39013
Summary: CVE-2023-39013 affects Duke v1.2 and earlier. A code injection vulnerability exists in the CommonsJTimer.init component (no.priv.garshol.duke.server.CommonJTimer.init). The issue enables potential arbitrary code execution via unfiltered LDAP lookups in that method. Documents consistently...