GHSA-p6m6-9j36-vfjx, CVE-2023-31890
maven/com.glazedlists/glazedlists
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
An XML Deserialization vulnerability in glazedlists v1.11.0 allows an attacker to execute arbitrary code via the BeanXMLByteCoder.decode() parameter.
Version 1.11.0
Unfortunately, there is no solution available yet.
2023-05-17
source |