1. Home
  2. CVEs with refmap.mlist==[ignite-dev] 20180719 [CVE-2018-8018] Possible Execution of Arbitrary Code via Apache Ignite GridClientJdkMarshaller
Max CVSS 7.5 Min CVSS 7.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-8018 7.5
In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present
28-02-2019 - 22:03 20-07-2018 - 01:29
Back to Top Mark selected
Back to Top