foundation-config is vulnerable to arbitrary code execution. An insecure and unsafe local YAML file parsing allows an attacker to execute arbitrary code on the host OS via a malicious YAML file.
CPE | Name | Operator | Version |
---|---|---|---|
java chassis::foundations::config | le | 1.3.1 | |
java chassis::foundations::config | le | 2.1.5 |