Lucene search
Veracode Vulnerability DatabaseVERACODE:20785HistoryJul 12, 2019 - 6:19 a.m.
Arbitrary Code Execution
2019-07-1206:19:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.017 Low
EPSS
Percentile
87.8%
restlet is vulnerable to arbitrary code execution. A remote attacker is able to execute arbitrary Java code using a malicious serialized object due to the default configuration of the ObjectRepresentation class which performs deserialization of objects from untrusted sources. This is a different vulnerability from CVE-2013-4221.
| CPE | Name | Operator | Version |
|---|---|---|---|
| restlet core api and engine | le | 2.1.3 | |
| restlet core api and engine | le | 2.1.3 |
Related
osv
osv
Restlet Arbitrary Java Code Execution via a serialized object
2022-05-17 03:28:57
Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML
2022-05-17 03:28:12
prion
prion
Default configuration
2013-10-10 00:55:00
Default configuration
2013-10-10 00:55:00
github
github
Restlet Arbitrary Java Code Execution via a serialized object
2022-05-17 03:28:57
Restlet is vulnerable to Arbitrary Java Code Execution via crafted XML
2022-05-17 03:28:12
cvelist
cvelist
CVE-2013-4271
2013-10-10 00:00:00
CVE-2013-4221
2013-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2013-4271
2013-10-10 00:00:00
CVE-2013-4221
2013-10-10 00:00:00
nvd
nvd
CVE-2013-4271
2013-10-10 00:55:14
CVE-2013-4221
2013-10-10 00:55:14
cve
cve
CVE-2013-4271
2013-10-10 00:55:14
CVE-2013-4221
2013-10-10 00:55:14
redhat
redhat
(RHSA-2013:1410) Important: Red Hat JBoss Fuse/A-MQ 6.0.0 patch 4
2013-10-07 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-07-12 06:19:18
avleonov
avleonov
CWEs in NVD CVE feed: analysis and complaints
2017-10-21 14:10:30