org.infinispan:infinispan-core@9.3.0.Alpha1 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.infinispan:infinispan-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability: Deserialization of Untrusted Data (severity: High)

org.infinispan:infinispan-core is a data grid platform and highly scalable NoSQL cloud data store.

Affected versions of this package are vulnerable to Deserialization of Untrusted Data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code execution and possible further attacks.

How to fix Deserialization of Untrusted Data?

Upgrade org.infinispan:infinispan-core to version 9.3.0.Final or higher.

Vulnerable versions: [7.0.0.Final,9.3.0.Final)