Lucene search
PRIOn knowledge basePRION:CVE-2021-36483HistoryAug 04, 2021 - 11:15 a.m.
Deserialization of untrusted data
2021-08-0411:15:00
PRIOn knowledge base
www.prio-n.com
2
DevExpress.XtraReports.UI through v21.1 allows attackers to execute arbitrary code via insecure deserialization.
| CPE | Name | Operator | Version |
|---|---|---|---|
| devexpress | le | 21.1 |
References
gist.github.com/tree-chtsec/27013ed6cb297b24e44f6359439b678e
supportcenter.devexpress.com/ticket/details/t1031535/reporting-unsafe-data-type-deserialization
supportcenter.devexpress.com/ticket/details/t708194/net-web-controls-unsafe-data-type-deserialization
supportcenter.devexpress.com/ticket/details/t714296/net-desktop-controls-unsafe-data-type-deserialization
www.chtsecurity.com/news/a01d1bc6-19c8-4187-b343-6bc685efe64f
www.zerodayinitiative.com/advisories/ZDI-22-341/
Related
nvd
nvd
CVE-2021-36483
2021-08-04 11:15:08
zdi
zdi
cvelist
cvelist
CVE-2021-36483
2021-08-04 10:04:29
cve
cve
CVE-2021-36483
2021-08-04 11:15:08
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00