2 matches found
GHSA-W39X-CHVM-PJ3C Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console
All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...
CVE-2022-25767
All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...