CVE-2023-31890
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in maven/com.glazedlists/glazedlists
Identifiers
GHSA-p6m6-9j36-vfjx, CVE-2023-31890
Package Slug
maven/com.glazedlists/glazedlists
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter.
Affected Versions
Version 1.11.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2023-05-17
| source |