Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserialization
Vulnerability Description
A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
SnailJob 代码问题漏洞
Vulnerability Description
SnailJob是aizuda开源的一个灵活、可靠且高效的分布式任务重试和任务调度平台。 SnailJob 1.4.0版本存在代码问题漏洞,该漏洞源于反序列化漏洞。
CVSS Information
N/A
Vulnerability Type
N/A