9 matches found
EUVD-2023-51307
Malicious code in bioql PyPI...
CVE-2023-47174
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...
CVE-2023-47174
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...
CVE-2023-47174
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...
Deserialization of untrusted data
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...
CVE-2023-47174
CVE-2023-47174 affects Thorn SFTP gateway 3.4.x up to 3.4.3. The underlying issue is Java deserialization of untrusted data within the embedded Pivotal Spring Framework, which is not supported by Pivotal. This deserialization chain can lead to remote code execution in Thorn SFTP gateway environme...
PT-2023-30342 · Pivotal · Spring Framework
Name of the Vulnerable Software and Affected Versions: Thorn SFTP gateway versions 3.4.x through 3.4.3 Description: The issue arises from the use of Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal. This leads to remote code execution within t...
CVE-2023-47174
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...
CVE-2023-47174
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution...