VYPR
Critical severity9.8OSV Advisory· Published Nov 26, 2018· Updated Jun 17, 2026

CVE-2018-19530

CVE-2018-19530

Description

HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because the decodeXml function uses XStream unsafely when configured with an xml.codec=httl.spi.codecs.XstreamCodec setting.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Httl/HttlOSV2 versions
    1.0.0, 1.0.1, 1.0.10, …+ 1 more
    • (no CPE)range: 1.0.0, 1.0.1, 1.0.10, …
    • (no CPE)range: <=1.0.11

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.