Lucene search
K

4 matches found

Circl
Circl
added 2025/07/04 11:1 a.m.9 views

CVE-2024-3366

creationtimestamp| type| source ---|---|--- 2025-07-04 11:01:33+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114794620052697504...

9.8CVSS3.8AI score0.00945EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:9 a.m.15 views

CVE-2024-3366

A vulnerability classified as problematic was found in Xuxueli xxl-job up to 2.4.1. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed to...

9.8CVSS9.7AI score0.00945EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2024/04/06 12:30 p.m.6 views

cn.acyou:leo-framework-barcode (=1.6.0.RELEASE), cn.acyou:leo-framework-commons (=1.6.0.RELEASE) +171 more potentially affected by CVE-2024-3366 via com.xuxueli:xxl-job-core (>=1.8.2 <=2.4.0)

com.xuxueli:xxl-job-core MAVEN version =1.8.2, =1.0.7, =1.0.6, =1.2.3, =1.0.0-RELEASE, =0.0.8-RELEASE, =0.0.8-RELEASE, =1.6.0, =1.6.154 - cn.openjava:openjava-xxl-job-starter =2.0.0.1-alpha and more Source cves: CVE-2024-3366 Source advisory: OSV:GHSA-2V42-XP3J-47M4...

9.8CVSS5.7AI score0.00945EPSS
Exploits1
CVE
CVE
added 2024/04/06 10:31 a.m.98 views

CVE-2024-3366

Xuxueli XXL-Job up to 2.4.1 contains a Template Handler deserialization vulnerability in com/xxl/job/core/util/JdkSerializeTool.java that enables template-injection via manipulated byte arrays. The flaw allows injection due to lack of sanitization in deserialize(), with exploitation disclosed pub...

9.8CVSS4.2AI score0.00945EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder