CVE-2015-3253: Remote execution of untrusted code in class MethodClosure
(updated )
The MethodClosure
class in runtime/MethodClosure.java
in this package allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.
References
Detect and mitigate CVE-2015-3253 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →