com.adobe.blazeds:blazeds-common@1.0-beta1 vulnerabilities

  • latest version

    3.2.0.3978

  • first published

    16 years ago

  • latest version published

    15 years ago

  • licenses detected

  • package manager

Direct Vulnerabilities

Known vulnerabilities in the com.adobe.blazeds:blazeds-common package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Deserialization of Untrusted Data

com.adobe.blazeds:blazeds-common is a server-based Java remoting and web messaging technology that enables developers to easily connect to back-end distributed data and push data in real-time to Adobe Flex and Adobe AIR applications for more responsive rich Internet application (RIA) experiences.

Affected versions of this package are vulnerable to Deserialization of Untrusted Data. Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability."

How to fix Deserialization of Untrusted Data?

There is no fixed version for com.adobe.blazeds:blazeds-common.

[0,)
  • M
Denial of Service (DoS)

com.adobe.blazeds:blazeds-common is a server-based Java remoting and web messaging technology that enables developers to easily connect to back-end distributed data and push data in real-time to Adobe Flex and Adobe AIR applications for more responsive rich Internet application (RIA) experiences.

Affected versions of this package are vulnerable to Denial of Service (DoS). Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability."

How to fix Denial of Service (DoS)?

There is no fixed version for com.adobe.blazeds:blazeds-common.

[0,)