Improper Control of Dynamically-Managed Code Resources
ff4j 1.8.11 is vulnerable to Remote Code Execution (RCE) by allowing constructors of objects be called with arbitrary values.
Advisories for Maven/Org.ff4j/Ff4j-Core package
2022
ff4j 1.8.11 is vulnerable to Remote Code Execution (RCE) by allowing constructors of objects be called with arbitrary values.