Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A deserialization flaw is present in Taoensso Nippy before 2.14.2. In some circumstances, it is possible for an attacker to create a malicious payload that, when deserialized, will allow arbitrary code to be executed. This occurs because there is automatic use of the Java Serializable interface.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Taoensso Nippy 代码问题漏洞
Vulnerability Description
Taoensso Nippy 2.14.2版本中存在安全漏洞。该漏洞源于反序列化自动使用了Java Serializable接口,攻击者可利用该漏洞在反序列化时允许执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A