CVE-2022-46366
CVSS v3.1
9.8 (Critical)
EPSS
5.02 % (93th)
Affected Products
1
Advisories
1
NVD Status
Modified
Apache Tapestry 3.x allows deserialization of untrusted data, leading to remote code execution. This issue is similar to but distinct from CVE-2020-17531, which applies the the (also unsupported) 4.x version line. NOTE: This vulnerability only affects Apache Tapestry version line 3.x, which is no longer supported by the maintainer. Users are recommended to upgrade to a supported version line of Apache Tapestry.
- CVE Status
- PUBLISHED
- NVD Status
- Modified
- CNA
- Apache Software Foundation
- Published Date
-
2022-12-02 14:15:10
(21 months ago) - Updated Date
-
2024-08-03 15:15:36
(6 weeks ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...