4 matches found
Deserialization of untrusted data
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode parameter...
CVE-2023-31890
CVE-2023-31890 affects glazedlists v1.11.0, due to an XML deserialization flaw in BeanXMLByteCoder.decode() that allows remote code execution. The vulnerability is rated CRITICAL (CVSS v3.1: 9.8) with network attack vector, low complexity, no user interaction. Exploitation information in the conn...
CVE-2023-31890
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode parameter...
CVE-2023-31890
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode parameter...