Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-1070

Malicious code in bioql PyPI...

9.8CVSS4.6AI score0.00945EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2024/04/06 12:30 p.m.23 views

Xuxueli xxl-job template injection vulnerability

A vulnerability classified as problematic was found in Xuxueli xxl-job version 2.4.0. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed ...

9.8CVSS7.5AI score0.00945EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2024/04/06 11:15 a.m.24 views

CVE-2024-3366

A vulnerability classified as problematic was found in Xuxueli xxl-job up to 2.4.1. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed to...

9.8CVSS4.4AI score0.00945EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/04/06 10:31 a.m.36 views

CVE-2024-3366 Xuxueli xxl-job Template JdkSerializeTool.java deserialize injection

A vulnerability classified as problematic was found in Xuxueli xxl-job up to 2.4.1. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed to...

3.5CVSS4.7AI score0.00945EPSS
Exploits1References4
CVE
CVE
added 2024/04/06 10:31 a.m.92 views

CVE-2024-3366

Xuxueli XXL-Job up to 2.4.1 contains a Template Handler deserialization vulnerability in com/xxl/job/core/util/JdkSerializeTool.java that enables template-injection via manipulated byte arrays. The flaw allows injection due to lack of sanitization in deserialize(), with exploitation disclosed pub...

9.8CVSS4.2AI score0.00945EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder