4 matches found
Deserialization Of Untrusted Data
com.aizuda, snail-job is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to improper input validation of the nodeExpression argument in the getRuntime function of the Workflow-Task Management Module, allowing an attacker to execute arbitrary code remotely...
GHSA-4M5H-5V4Q-4XGQ aizuda snail-job Vulnerable to Deserialization via `nodeExpression` Argument
A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...
CVE-2025-2622 aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserialization
A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...
CVE-2025-2622 aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserialization
A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...