![]() The exploit has been disclosed to the public and may be used. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The identifier of this vulnerability is VDB-250596.Ī vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. It is recommended to upgrade the affected component. Upgrading to version 3.2 is able to address this issue. It is possible to launch the attack remotely. The manipulation leads to weak password recovery. ![]() Affected is an unknown function of the file src/main/java/com/jsh/erp/controller/UserController.java. As a workaround, do not load data which originated from an untrusted source or that could have been tampered with.Ī vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. The patch is included in `ion-java` 1.10.5. An actor could craft Ion data that, when loaded by the affected application and/or processed using the `IonValue` model, results in a `StackOverflowError` originating from the `ion-java` library. Prior to version 1.10.5, a potential denial-of-service issue exists in `ion-java` for applications that use `ion-java` to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the `IonValue` model and then invoke certain `IonValue` methods on that in-memory representation. Amazon Ion is a Java implementation of the Ion data notation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |