Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-2356

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.01068EPSS
Exploits1References3
OSV
OSV
added 2023/08/21 6:31 p.m.6 views

GHSA-V6C8-PWHQ-288M Nacos Spring vulnerable to Unsafe Deserialization

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor component...

8.8CVSS7.6AI score0.01068EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2023/08/21 6:31 p.m.4 views

cn.dynamictp:dynamic-tp-example-nacos (>=1.0.8 <=1.1.2), cn.fossc.polaris.framework:basic-framework-spring-boot-starter (>=3.0.9 <=3.0.18) +75 more potentially affected by CVE-2023-39106 via com.alibaba.nacos:nacos-spring-context (>=0.1.0-RC1 <=1.1.1)

com.alibaba.nacos:nacos-spring-context MAVEN version =0.1.0-RC1, =1.0.8, =3.0.9, =3.0.1, =3.0.1, =3.0.1, =0.1.0, =0.1.0, =0.1.10, =0.1.10, =0.1.10, =0.1.10, =2.0.0, =2.0.0, =2.0.0-beta8 - com.gitee.pulanos.pangu:pangu-framework =5.0.0 and more Source cves: CVE-2023-39106 Source advisory:...

8.8CVSS7.2AI score0.01068EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2023/08/21 5:15 p.m.4 views

CVE-2023-39106

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor component...

8.8CVSS7.8AI score0.01068EPSS
Exploits1References2
NVD
NVD
added 2023/08/21 5:15 p.m.25 views

CVE-2023-39106

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor component...

8.8CVSS8.9AI score0.01068EPSS
Exploits1References1
OSV
OSV
added 2023/08/21 5:15 p.m.3 views

CVE-2023-39106

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor component...

8.8CVSS6.1AI score0.01068EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/08/21 12:0 a.m.15 views

CVE-2023-39106

An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor component...

7.8AI score0.01068EPSS
Exploits1References1
CVE
CVE
added 2023/08/21 12:0 a.m.66 views

CVE-2023-39106

CVE-2023-39106 concerns the Nacos Spring Project (v1.1.1 and earlier). The issue arises in the SnakeYamls Constructor(), used to parse YAML files, allowing a remote attacker to execute arbitrary code. The vulnerability is described consistently across multiple sources in the provided documents (N...

8.8CVSS8.9AI score0.01068EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/08/21 12:0 a.m.5 views

Nacos Spring Project 代码问题漏洞

Nacos Spring Project is a Nacos Group open source project for discovering, configuring and managing cloud-native applications. A security vulnerability exists in Nacos Spring Project v.1.1.1 and earlier versions, which stems from a vulnerability that allows an attacker to execute arbitrary code v...

8.8CVSS8.4AI score0.01068EPSS
Exploits1References2
Rows per page
Query Builder