Maven package
com.taoensso/nippy
pkg:maven/com.taoensso/nippy
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-24164 | — | < 2.14.2 | 2.14.2 | Sep 11, 2020 | A deserialization flaw is present in Taoensso Nippy before 2.14.2. In some circumstances, it is possible for an attacker to create a malicious payload that, when deserialized, will allow arbitrary code to be executed. This occurs because there is automatic use of the Java Seriali |
- CVE-2020-24164Sep 11, 2020affected < 2.14.2fixed 2.14.2
A deserialization flaw is present in Taoensso Nippy before 2.14.2. In some circumstances, it is possible for an attacker to create a malicious payload that, when deserialized, will allow arbitrary code to be executed. This occurs because there is automatic use of the Java Seriali