CVE-2022-36944|Scala 2.13.x before 2.13.9 has a... - VULHUB开源网络安全威胁库

Scala 2.13.x before 2.13.9 has a... CVE-2022-36944

- AV AC AU C I A

发布： 2022-09-23

修订： 2023-11-07

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network connections, or possibly run arbitrary code (specifically, Function0 functions) via a gadget chain.

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有4条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™

Scala 2.13.x before 2.13.9 has a... CVE-2022-36944

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单查看更多>

Scala 2.13.x before 2.13.9 has a... CVE-2022-36944

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单 查看更多>

相关漏洞清单查看更多>