An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed.
Metrics
Affected Vendors & Products
References
History
Wed, 02 Oct 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-10-02T18:06:24.584Z
Reserved: 2023-01-30T00:00:00
Link: CVE-2023-24621

Updated: 2024-08-02T11:03:18.917Z

Status : Modified
Published: 2023-08-25T20:15:07.983
Modified: 2024-11-21T07:48:14.927
Link: CVE-2023-24621

No data.