2 matches found
CVE-2025-10492
CVE-2025-10492 describes a Java deserialization vulnerability in the Jaspersoft Library (part of JasperReports). The issue arises from improper handling of externally supplied data, enabling attackers to execute arbitrary code remotely on systems using the affected library. The vulnerability is s...
CVE-2024-3325
Jaspersoft JasperReports Server CVE-2024-3325 affects version 8.0.4 through 9.0.0. Root cause: a JDBC driver upload feature is not properly guarded by configuration, leaving the server susceptible if the administrator does not enable the safety control. The vulnerability description in the connec...