Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object.
Metrics
Affected Vendors & Products
References
History
Thu, 22 Aug 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-12-29T22:00:00
Updated: 2024-08-22T14:44:13.839Z
Reserved: 2015-01-05T00:00:00
Link: CVE-2014-9515
Vulnrichment
Updated: 2024-08-06T13:47:41.338Z
NVD
Status : Modified
Published: 2017-12-29T22:29:00.520
Modified: 2024-11-21T02:21:04.277
Link: CVE-2014-9515
Redhat