Maven package
org.noear/solon
pkg:maven/org.noear/solon
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-48967 | — | <= 2.6.0 | — | Dec 4, 2023 | Ssolon <= 2.6.0 and <=2.5.12 is vulnerable to Deserialization of Untrusted Data. | ||
| CVE-2023-35839 | — | < 2.3.3 | 2.3.3 | Jun 19, 2023 | A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload. |
- CVE-2023-48967Dec 4, 2023affected <= 2.6.0
Ssolon <= 2.6.0 and <=2.5.12 is vulnerable to Deserialization of Untrusted Data.
- CVE-2023-35839Jun 19, 2023affected < 2.3.3fixed 2.3.3
A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload.