com.adobe.blazeds:blazeds-core@1.0-beta1 vulnerabilities
latest version
3.2.0.3978
first published
17 years ago
latest version published
15 years ago
licenses detected
- [1.0-beta1,)
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.adobe.blazeds:blazeds-core package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
com.adobe.blazeds:blazeds-core is a connect to back-end distributed data and push data in real-time to Adobe Flex and Adobe AIR applications for more responsive rich Internet application (RIA) experiences. Affected versions of this package are vulnerable to Denial of Service (DoS). Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability." How to fix Denial of Service (DoS)? There is no fixed version for | [0,) |
com.adobe.blazeds:blazeds-core is a connect to back-end distributed data and push data in real-time to Adobe Flex and Adobe AIR applications for more responsive rich Internet application (RIA) experiences. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability." How to fix Deserialization of Untrusted Data? There is no fixed version for | [0,) |