5 matches found
GHSA-V6C8-PWHQ-288M Nacos Spring vulnerable to Unsafe Deserialization
An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYaml's Constructor component...
Nacos Spring Project Code Issue Vulnerability
Nacos Spring Project is a Nacos Group open source project for discovering, configuring and managing cloud-native applications. A security vulnerability exists in Nacos Spring Project v.1.1.1 and earlier versions, which stems from a vulnerability that allows an attacker to execute arbitrary code v...
Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.14 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-05)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.14. It is, therefore, affected by multiple vulnerabilities including the following: - CloudBees Backup plugin uses SHA-1 hashes for the approvers map BEE-29578 - CloudBee...
Deserialization of untrusted data
cwlviewer is a web application to view and share Common Workflow Language workflows. Versions prior to 1.3.1 contain a Deserialization of Untrusted Data vulnerability. Commit number f6066f09edb70033a2ce80200e9fa9e70a5c29de dated 2021-09-30 contains a patch. There are no available workarounds asid...
Cwlviewer Code Issue Vulnerability
Cwlviewer is a web application for viewing and sharing workflows in the Common Workflow Language. A code issue vulnerability exists in cwlviewer that stems from the SnakeYaml constructor allowing parsing of any data...