Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating engine is intended to include arbitrary Java code, and thus either the input should not arrive from an untrusted source, or else the application using the engine should apply restrictions to the input. The engine is not responsible for validating the input.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pebble Templates 安全漏洞
Vulnerability Description
Pebble Templates是一款Java模板引擎。 Pebble Templates 3.1.5 版本存在安全漏洞,该漏洞允许攻击者绕过保护机制,使用springbok实现任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A