VYPR
Critical severity9.8NVD Advisory· Published Apr 11, 2017· Updated Jun 17, 2026

CVE-2016-0779

CVE-2016-0779

Description

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Apache/TomEE3 versions
    cpe:2.3:a:apache:tomee:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:apache:tomee:*:*:*:*:*:*:*:*range: <=1.7.3
    • cpe:2.3:a:apache:tomee:7.0.0:m1:*:*:*:*:*:*
    • (no CPE)range: <1.7.4, <7.0.0-M3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.