com.adobe.blazeds:blazeds-common@3.0.0.544 vulnerabilities
-
latest version
3.2.0.3978
-
first published
16 years ago
-
latest version published
15 years ago
-
licenses detected
- [1.0-beta1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.adobe.blazeds:blazeds-common package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
com.adobe.blazeds:blazeds-common is a server-based Java remoting and web messaging technology that enables developers to easily connect to back-end distributed data and push data in real-time to Adobe Flex and Adobe AIR applications for more responsive rich Internet application (RIA) experiences. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability." How to fix Deserialization of Untrusted Data? There is no fixed version for |
[0,)
|
com.adobe.blazeds:blazeds-common is a server-based Java remoting and web messaging technology that enables developers to easily connect to back-end distributed data and push data in real-time to Adobe Flex and Adobe AIR applications for more responsive rich Internet application (RIA) experiences. Affected versions of this package are vulnerable to Denial of Service (DoS). Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability." How to fix Denial of Service (DoS)? There is no fixed version for |
[0,)
|