CVE-2013-2185: Improper Input Validation
The readObject method in the DiskFileItem class in JBoss Web allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.