漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Esoteric Software YamlBeans 代码问题漏洞
Vulnerability Description
YamlBeans是Esoteric Software开源的一个库。可以轻松地将 Java 对象图与 YAML。 Esoteric Software YamlBeans 1.15及之前版本存在安全漏洞,该漏洞源于允许对 Java 类进行不受信任的反序列化。
CVSS Information
N/A
Vulnerability Type
N/A