pkg:maven/org.clojure/clojure
Type
maven
Namespace
org.clojure
Name
clojure
Known advisories, vulnerabilities and fixes for org.clojure/clojure package.
Critical
1
Moderate
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 1.9.0 |
CVE-2017-20189
|
 MAVEN:GHSA-JGXC-8MWQ-9XQW
|
Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization | critical |
2024-01-22T06:30:32
(7 months ago) |
|
| Fixed | = 1.9.0 |
CVE-2017-20189
|
MAVEN:GHSA-JGXC-8MWQ-9XQW
|
Clojure classes can be used to craft a serialized object that runs arbitrary code on deserialization | critical |
2024-01-22T06:30:32
(7 months ago) |
|
| Affected | >= 1.2.0, <= 1.12.0-alpha8 |
CVE-2024-22871
|
MAVEN:GHSA-VR64-R9QJ-H27F
|
Reading specially crafted serializable objects from an untrusted source may cause an infinite loop and denial of service | moderate |
2024-02-29T03:33:18
(6 months ago) |
|
| Fixed | = 1.12.0-alpha9 |
CVE-2024-22871
|
MAVEN:GHSA-VR64-R9QJ-H27F
|
Reading specially crafted serializable objects from an untrusted source may cause an infinite loop and denial of service | moderate |
2024-02-29T03:33:18
(6 months ago) |