CVE-2017-20189 in Clojureinfo

Summary

In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

01/22/2024

Disclosure

01/22/2024

CPE

ready

CVSS

7.6

EPSS

0.03376

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2017-20189
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2017-20189
CVE Detailshttps://www.cvedetails.com/cve/CVE-2017-20189/

PreviousOverviewNext