CVE-2022-36944 in Banking Corporate Lending Process Managementinformazioni

Riassunto

di MITRE • 23/09/2022

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network connections, or possibly run arbitrary code (specifically, Function0 functions) via a gadget chain.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Prenotare

27/07/2022

Divulgazione

23/09/2022

Moderazione

accettato

Voce

6

Collegare

mostrare

CPE

pronto

EPSS

0.08343

KEV

no

Attività

molto basso

Settore

Finance

Fonti

Might our Artificial Intelligence support you?

Check our Alexa App!