10 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-5525

Malicious code in bioql PyPI...

7.8 CVSS | 7.6 AI score | 0.00556 EPSS
Exploits: 0 | References: 3

vulnersOsv
added 2022/12/21 6:30 p.m. | 6 views

io.fabric8:fabric8-maven-plugin (=1.2.0.redhat-133), it.uniroma2.art.maple:maple-karaf-distribution (>=0.0.3 <=0.0.5) +2 more potentially affected by CVE-2022-40145 via org.apache.karaf:apache-karaf (>=4.4.1 <=4.4.11)

org.apache.karaf:apache-karaf MAVEN version =4.4.1, =0.0.3, =0.0.5 - org.apache.camel.karaf:camel-test-karaf =3.19.0 - org.apache.karaf.demos:web =4.1.7 Source cves: CVE-2022-40145 Source advisory: OSV:GHSA-C2P4-8MVV-RWMV...

9.8 CVSS | 7.2 AI score | 0.02404 EPSS
Exploits: 0

OSV
added 2022/05/24 5:31 p.m. | 16 views

GHSA-W7GJ-H6F2-X4C6 fabric8-maven-plugin: insecure way to construct Yaml Object leading to remote code execution

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution...

7.8 CVSS | 7.8 AI score | 0.00556 EPSS
Exploits: 0 | References: 3

Github Security Blog
added 2022/05/24 5:31 p.m. | 29 views

fabric8-maven-plugin: insecure way to construct Yaml Object leading to remote code execution

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution...

7.8 CVSS | 7.6 AI score | 0.00556 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2020/10/22 8:15 p.m. | 4 views

CVE-2020-10721

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution...

7.8 CVSS | 6 AI score
Exploits: 0 | References: 1

NVD
added 2020/10/22 8:15 p.m. | 12 views

CVE-2020-10721

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution...

7.8 CVSS | 0.00556 EPSS
Exploits: 0 | References: 1

Prion
added 2020/10/22 8:15 p.m. | 17 views

Deserialization of untrusted data

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution...

6.9 CVSS | 7.8 AI score | 0.00556 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2020/10/22 8:0 p.m. | 56 views

CVE-2020-10721

CVE-2020-10721 affects the fabric8-maven-plugin (4.0.0 and later). The vulnerability arises when using a wildfly-swarm or thorntail custom configuration, where a malicious YAML file on the machine running the Maven plugin can trigger deserialization of untrusted data, enabling arbitrary code exec...

7.8 CVSS | 7.8 AI score | 0.00556 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2020/10/22 8:0 p.m. | 18 views

CVE-2020-10721

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution...

7.8 AI score | 0.00556 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2020/10/20 6:15 p.m. | 34 views

CVE-2020-10721

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAML configuration file on the local machine executing the maven plug-in could allow for deserialization of untrusted data resulting in arbitrary code execution...

7.8 CVSS | 3.7 AI score | 0.00556 EPSS
Exploits: 0 | References: 3