whaleal IceFrog Aviator Template Engine deserialization
Description
A vulnerability classified as problematic has been found in whaleal IceFrog 1.1.8. Affected is an unknown function of the component Aviator Template Engine. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231804.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2023-3308 is a deserialization vulnerability in whaleal IceFrog 1.1.8's Aviator Template Engine with a public exploit.
Vulnerability
CVE-2023-3308 is a deserialization vulnerability found in whaleal IceFrog version 1.1.8. The flaw affects an unknown function within the Aviator Template Engine component, leading to insecure deserialization of untrusted data [1].
Exploitation
The vulnerability has been publicly disclosed, and an exploit is available. The attack vector is network-based, and no authentication is required, making it remotely exploitable. The exact prerequisites for successful exploitation are not detailed, but the presence of a public exploit increases the risk [1].
Impact
Successful exploitation allows an attacker to perform deserialization, which can result in arbitrary code execution, denial of service, or other malicious actions depending on the context. The severity is considered problematic, and the vulnerability is tracked as VDB-231804 [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.whaleal.icefrog:icefrog-allMaven | <= 1.1.8 | — |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal%3Aicefrog/icefrog_1.1.8_RCE.mdghsabroken-linkexploitWEB
- github.com/advisories/GHSA-rx62-5cw6-x29qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-3308ghsaADVISORY
- github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal:icefrog/icefrog_1.1.8_RCE.mdghsaWEB
- vuldb.comghsasignaturepermissions-requiredWEB
- vuldb.comghsavdb-entrytechnical-descriptionWEB
News mentions
0No linked articles in our index yet.