| Max CVSS | 6.5 | Min CVSS | 6.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-0750 | 6.5 |
The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code executi
|
09-10-2019 - 23:16 | 11-09-2018 - 13:29 | |
| CVE-2017-15089 | 6.5 |
It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the cl
|
04-06-2019 - 17:29 | 15-02-2018 - 17:29 |